26.\"
27.Dd July 3, 2000
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information.
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time. In new installations, the
39.Nm
40file is generally initialized by the system installation utility:
41.Pa /stand/sysinstall .
42.Pp
43The purpose of
44.Nm
45is not to run commands or perform system startup actions
46directly. Instead, it is included by the
47various generic startup scripts in
48.Pa /etc
49which conditionalize their
50internal actions according to the settings found there.
51.Pp
52The
53.Pa /etc/rc.conf
54file is included from the file
55.Pa /etc/defaults/rc.conf ,
56which specifies the default settings for all the available options.
57Options
58need only be specified in
59.Pa /etc/rc.conf
60when the system administrator wishes to override these defaults.
61The file
62.Pa /etc/rc.conf.local
63is used to override settings in
64.Pa /etc/rc.conf
65for historical reasons.
66See the
67.Dq rc_conf_files
68option below.
69.Pp
70The following list provides a name and short description for each
71variable you can set in the
72.Nm
73file:
74.Bl -tag -width Ar
75.It Ar swapfile
76(str) If set to
77.Ar NO
78then no swapfile is installed, otherwise the value is used as the full
79pathname to a file to use for additional swap space.
80.It Ar apm_enable
81(bool) If set to
82.Ar YES ,
83enable support for Automatic Power Management with
84the
85.Xr apm 8
86command.
87.It Ar apmd_enable
88(bool) Run
89.Xr apmd 8
90to handle APM event from userland.
91This also enable support for APM.
92.It Ar apmd_flags
93(str) If
94.Ar apmd_enable
95is set to
96.Ar YES ,
97these are the flags to pass to the
98.Xr apmd 8
99daemon.
100.It Ar pccard_enable
101(bool) If set to
102.Ar YES ,
103enable PCCARD support at boot time.
104.It Ar pccard_mem
105(str) Set to PCCARD controller memory address or
106.Ar DEFAULT
107for the default value.
108.It Ar pccard_ifconfig
109(str) List of arguments to be passed to ifconfig(8) at boot time or on
110insertion of of the card (e.g. "inet 192.168.1.1 netmask 255.255.255.0"
111for a fixed address or "DHCP" for a DHCP client).
112.It Ar pccard_beep
113(integer) If 0,
114set the PCCARD controller to silent mode.
115If 1,
116set it to beep mode.
117If 2,
118set it to melody mode.
119.It Ar pccard_conf
120(str) Path to the configuration file for the
121.Xr pccardd 8
122daemon (e.g.
123.Pa /etc/pccard.conf.sample ) .
124.It Ar pccardd_flags
125(str) If
126.Ar pccard_enable
127is set to
128.Ar YES ,
129these are the flags to pass to the
130.Xr pccardd 8
131daemon.
132.It Ar local_startup
133(str) List of directories to search for startup script files.
134.It Ar hostname
135(str) The Fully Qualified Domain Name of your host on the network.
136This should almost certainly be set to something meaningful, even if
137you are not connected to a network. If you are using
138.Xr dhclient 8
139to set your hostname via DHCP, this variable should be set to an empty string.
140.It Ar nisdomainname
141(str) The NIS domainname of your host, or
142.Ar NO
143if you are not running NIS.
144.It Ar dhcp_program
145(str) Path to the DHCP client program
146.Po
147.Pa /sbin/dhclient ,
148the ISC DHCP client,
149is the default
150.Pc .
151.It Ar dhcp_flags
152(str) Additional flags to pass to the DHCP client program.
153For the ISC DHCP client, see the
154.Xr dhclient 8
155page for a description of the command line options available.
156.It Ar firewall_enable
157(bool) Set to
158.Ar NO
159if you do not want have firewall rules loaded at startup, or
160.Ar YES
161if you do.
162If set to
163.Ar YES ,
164and the kernel was not built with IPFIREWALL, the ipfw
165kernel module will be loaded.
166See also
167.Ar ipfilter_enable .
168.It Ar firewall_script
169(str) If you want to run a firewall script other than
170.Pa /etc/rc.firewall ,
171set this variable to the full path to that script.
172.It Ar firewall_type
173(str) Names the firewall type from the selection in
174.Pa /etc/rc.firewall ,
175or the file which contains the local firewall ruleset. Valid selections
176from
177.Pa /etc/rc.firewall ,
178are
179.Dq open
180- unrestricted IP access;
181.Dq closed
182- all IP services disabled, except via lo0;
183.Dq client
184- basic protection for a workstation;
185.Dq simple
186- basic protection for a LAN. If a filename is specified, the full path
187must be given.
188.It Ar firewall_quiet
189(bool) Set to
190.Ar YES
191to disable the display of ipfw rules on the console during boot.
192.It Ar firewall_logging
193(bool) Set to
194.Ar YES
195to enable ipfw event logging.
196This is equivalent to the IPFIREWALL_VERBOSE kernel option.
197.It Ar natd_program
198(str) path to
199.Xr natd 8 .
200.It Ar natd_enable
201(bool) Set to
202.Ar YES
203to enable natd.
204.Ar Firewall_enable
205must also be set to
206.Ar YES ,
207and
208.Xr divert 4
209sockets must be enabled in your kernel.
210.It Ar natd_interface
211This is the name of the public interface on which natd should run. It
212is mandatory if
213.Ar natd_enable
214is set to
215.Ar YES .
216The interface may be given as an interface name or as an IP address.
217.It Ar natd_flags
218Additional natd flags should be placed here. The
219.Fl n
220or
221.Fl a
222flag is automatically added with the above
223.Ar natd_interface
224as an argument.
225.\" ----- ipfilter_enable seting --------------------------------
226.It Ar ipfilter_enable
227(bool) Set to
228.Ar NO
229by default.
230Setting this to
231.Ar YES
232enables
233.Xr ipf 8
234packet filtering.
235Strictly speaking almost any filter could be established
236"abusing" this setting and the fact that
237.Ar ipfilter_program ,
238.Ar ipfilter_rules
239and
240.Ar ipfilter_flags
241are concatenated to form a command,
242as long as the file specified in
243.Ar ipfilter_rules
244is readable.
245When
246.Ar ipfilter_enable
247and
248.Ar ipnat_enable
249are set to
250.Ar YES
251and the file specified in
252.Ar ipnat_rules
253is readable,
254.Ar ipnat_program ,
255.Ar ipnat_rules
256and
257.Ar ipnat_flags
258make up a command line to start a network address translation program.
259When
260.Ar ipfilter_enable
261and
262.Ar ipmon_enable
263are set to
264.Ar YES ,
265.Ar ipmon_program
266and
267.Ar ipmon_flags
268form another command line for monitoring the above actions.
269See
270.Pa /etc/rc.network
271for details.
272.Pp
273Typical usage will require putting
274.Bd -literal
275ipfilter_enable="YES"
276ipfilter_flags=""
277ipnat_enable="YES"
278ipmon_enable="YES"
279
280.Ed
281into
282.Pa /etc/rc.conf
283and editing
284.Pa /etc/ipf.rules
285and
286.Pa /etc/ipnat.rules
287appropriately.
288Turning off
289.Ar firewall_enable
290when using ipf is recommended.
291Having
292.Bd -literal
293options IPFILTER
294options IPFILTER_LOG
295options IPFILTER_DEFAULT_BLOCK
296
297.Ed
298in the kernel configuration file is a good idea, too.
299.\" ----- ipfilter_program setting ------------------------------
300.It Ar ipfilter_program
301(str) Set to
302.Ar /sbin/ipf -Fa -f
303by default.
304This variable contains a command line
305up to (but not including) the filter rule definition
306(expected to live in a separate file).
307See
308.Ar ipfilter_enable
309for a detailled discussion.
310.\" ----- ipfilter_rules setting --------------------------------
311.It Ar ipfilter_rules
312(str) Set to
313.Ar /etc/ipf.rules
314by default.
315This variable contains the name of the filter rule definition file.
316The file is expected to be readable for the filter command to execute.
317See
318.Ar ipfilter_enable
319for a detailled discussion.
320.\" ----- ipfilter_flags setting --------------------------------
321.It Ar ipfilter_flags
322(str) Set to
323.Ar -E
324by default.
325This variable contains flags appended to the filter command
326after the rule definition filename.
327The default setting will initialize an on demand loaded ipf module.
328When compiling ipfilter directly into your kernel (as is recommended)
329the variable should be empty to not initialize
330the code more than once.
331See
332.Ar ipfilter_enable
333for a detailled discussion.
334.\" ----- ipnat_enable setting ----------------------------------
335.It Ar ipnat_enable
336(bool) Set to
337.Ar NO
338by default.
339Set it to
340.Ar YES
341to enable
342.Xr ipnat 8
343network address translation.
344Setting this variable needs setting
345.Ar ipfilter_enable ,
346too.
347See
348.Ar ipfilter_enable
349for a detailled discussion.
350.\" ----- ipnat_program setting ---------------------------------
351.It Ar ipnat_program
352(str) Set to
353.Ar /sbin/ipnat -CF -f
354by default.
355This variable contains a command line
356up to (but not including) the translation rule definition
357(expected to live in a separate file).
358See
359.Ar ipfilter_enable
360for a detailled discussion.
361.\" ----- ipnat_rules setting -----------------------------------
362.It Ar ipnat_rules
363(str) Set to
364.Ar /etc/ipnat.rules
365by default.
366This variable contains the name of the file
367holding the network address translation definition.
368This file is expected to be readable for the NAT command to execute.
369See
370.Ar ipfilter_enable
371for a detailled discussion.
372.\" ----- ipnat_flags setting -----------------------------------
373.It Ar ipnat_flags
374(str) Empty by default.
375This variable contains additional flags
376appended to the ipnat command line
377after the rule definition filename.
378See
379.Ar ipfilter_enable
380for a detailled discussion.
381.\" ----- ipmon_enable setting ----------------------------------
382.It Ar ipmon_enable
383(bool) Set to
384.Ar NO
385by default.
386Set it to
387.Ar YES
388to enable
389.Xr ipmon 8
390monitoring (logging
391.Xr ipf 8
392and
393.Xr ipnat 8
394events).
395Setting this variable needs setting
396.Ar ipfilter_enable ,
397too.
398See
399.Ar ipfilter_enable
400for a detailled discussion.
401.\" ----- ipmon_program setting ---------------------------------
402.It Ar ipmon_program
403(str) Set to
404.Ar /sbin/ipmon
405by default.
406This variable contains the
407.Xr ipmon 8
408executable filename.
409See
410.Ar ipfilter_enable
411for a detailled discussion.
412.\" ----- ipmon_flags setting -----------------------------------
413.It Ar ipmon_flags
414(str) Set to
415.Ar -Ds
416by default.
417This variable contains flags passed to the
418.Xr ipmon 8
419program.
420Another typical example would be
421.Ar -D /var/log/ipflog
422to have
423.Xr ipmon 8
424log directly to a file bypassing
425.Xr syslogd 8 .
426Make sure to adjust
427.Pa /etc/newsyslog.conf
428in such case like this:
429.Bd -literal
430/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
431
432.Ed
433See
434.Ar ipfilter_enable
435for a detailled discussion.
436.\" ----- end of added ipf hook ---------------------------------
437.It Ar tcp_extensions
438(bool) Set to
439.Ar NO
440by default.
441Setting this to YES enables certain TCP options as described by
442.Rs
443.%T RFC 1323
444.Re
445If you have problems with connections
446randomly hanging or other weird behavior of such nature, you might
447try setting this back to
448.Ar NO
449and seeing if that helps. Some hardware/software out there is known
450to be broken with respect to these options.
451.It Ar log_in_vain
452(bool) Set to
453.Ar NO
454by default.
455Setting to YES will enable logging of connection attempts to ports that
456have no listening socket on them.
457.It Ar tcp_keepalive
458(bool) Set to
459.Ar YES
460by default.
461Setting to NO will disable probing idle TCP connections to verify that the
462peer is still up and reachable.
463.It Ar tcp_drop_synfin
464(bool) Set to
465.Ar NO
466by default.
467Setting to YES will cause the kernel to ignore TCP frames that have both
468the SYN and FIN flags set.
469This prevents OS fingerprinting, but may
470break some legitimate applications.
471This option is only available if the
472kernel was built with the TCP_DROP_SYNFIN option.
473.It Ar tcp_restrict_rst
474(bool) Set to
475.Ar NO
476by default.
477Setting to YES will cause the kernel to refrain from emitting TCP RST frames
478in response to invalid TCP packets (e.g. frames destined for closed ports).
479This option is only available if the kernel was built with the
480TCP_RESTRICT_RST option.
481.It Ar icmp_drop_redirect
482(bool) Set to
483.Ar NO
484by default.
485Setting to YES will cause the kernel to ignore ICMP REDIRECT packets.
486.It Ar icmp_log_redirect
487(bool) Set to
488.Ar NO
489by default.
490Setting to YES will cause the kernel to log ICMP REDIRECT packets.
491Note that
492the log messages are not rate-limited, so this option should only be used
493for troubleshooting your own network.
494.It Ar network_interfaces
495(str) Set to the list of network interfaces to configure on this host.
496For example, if you had a loopback device (standard) and an SMC Elite
497Ultra NIC, you might have this set to
498.Qq Ar "lo0 ed0"
499for the two interfaces. An
500.No ifconfig_ Ns Em interface
501variable is also assumed to exist for each value of
502.Em interface .
503It is also possible to add IP alias entries here in cases where you
504want a single interface to have multiple IP addresses registered against
505it.
506Assuming that the interface in question was ed0, it might look
507something like this:
508.Bd -literal
509ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
510ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
511
512.Ed
513And so on. For each ifconfig_<interface>_alias<n> entry that is
514found, its contents are passed to
515.Xr ifconfig 8 .
516Execution stops at the first unsuccessful access, so if you
517had something like:
518.Bd -literal
519ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
520ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
521ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
522ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
523
524.Ed
525Then note that alias4 would
526.Em not
527be added since the search would
528stop with the missing alias3 entry.
529.Pp
530You can bring up an interface with DHCP by setting the
531.No ifconfig_ Ns Em interface
532variable to
533.Dq DHCP .
534For instance, to initialize your ed0 device via DHCP,
535you might have something like:
536.Bd -literal
537ifconfig_ed0="DHCP"
538.Ed
539.It Ar ppp_enable
540(bool) If set to
541.Ar YES ,
542run the
543.Xr ppp 8
544daemon.
545.It Ar ppp_mode
546(str) Mode in which to run the
547.Xr ppp 8
548daemon. Accepted modes are
549.Ar auto , ddial , direct
550and
551.Ar dedicated .
552See the manual for a full description.
553.It Ar ppp_nat
554(bool) If set to
555.Ar YES ,
556enables packet aliasing.
557Used in conjunction with
558.Ar gateway_enable
559allows hosts on private network addresses access to the Internet using
560this host as a network address translating router.
561.It Ar ppp_profile
562(str) The name of the profile to use from
563.Pa /etc/ppp/ppp.conf .
564.It Ar ppp_user
565(str) The name of the user under which ppp should be started. By
566default, ppp is started as
567.Ar root .
568.It Ar rc_conf_files
569(str) This option is used to specify a list of files that will override
570the settings in
571.Pa /etc/defaults/rc.conf .
572The files will be read in the order in which they are specified and should
573include the full path to the file.
574By default, the files specified are
575.Pa /etc/rc.conf
576and
577.Pa /etc/rc.conf.local
578.It Ar syslogd_enable
579(bool) If set to
580.Ar YES ,
581run the
582.Xr syslogd 8
583daemon.
584.It Ar syslogd_flags
585(str) if syslogd_enable is set to
586.Ar YES ,
587these are the flags to pass to
588.Xr syslogd 8 .
589.It Ar inetd_enable
590(bool) If set to
591.Ar YES ,
592run the
593.Xr inetd 8
594daemon.
595.It Ar inetd_flags
596(str) if inetd_enable is set to
597.Ar YES ,
598these are the flags to pass to
599.Xr inetd 8 .
600.It Ar named_enable
601(bool) If set to
602.Ar YES ,
603run the
604.Xr named 8
605daemon.
606.It Ar named_program
607(str) path to
608.Xr named 8
609(default
610.Pa /usr/sbin/named ) .
611.It Ar named_flags
612(str) if
613.Ar named_enable
614is set to
615.Ar YES ,
616these are the flags to pass to
617.Xr named 8 .
618.It Ar kerberos_server_enable
619(bool) Set to
620.Ar YES
621if you want to run a Kerberos authentication server
622at boot time.
623.It Ar kadmind_server_enable
624.Ar YES
625if you want to run
626.Xr kadmind 8
627the Kerberos Administration Daemon); set to
628.Ar NO
629on a slave server.
630.It Ar kerberos_stash
631(str)
632If
633.Ar YES ,
634instruct the Kerberos servers to use the stashed master key instead of
635prompting for it (only if
636.Ar kerberos_server_enable
637is set to
638.Ar YES ,
639and is used for both
640.Xr kerberos 1
641and
642.Xr kadmind 8 ).
643.It Ar rwhod_enable
644(bool) If set to
645.Ar YES ,
646run the
647.Xr rwhod 8
648daemon at boot time.
649.It Ar rwhod_flags
650(str) If
651.Ar rwhod_enable
652is set to
653.Ar YES ,
654these are the flags to pass to it.
655.It Ar amd_enable
656(bool) If set to
657.Ar YES ,
658run the
659.Xr amd 8
660daemon at boot time.
661.It Ar amd_flags
662(str) If
663.Ar amd_enable
664is set to
665.Ar YES ,
666these are the flags to pass to it.
667See the
668.Xr amd 8
669.Xr info 1
670page for more information.
671.It Ar update_motd
672(bool) If set to
673.Ar YES ,
674.Pa /etc/motd
675will be updated at boot time to reflect the kernel release
676bring run. If set to
677.Ar NO ,
678.Pa /etc/motd
679will not be updated
680.It Ar nfs_client_enable
681(bool) If set to
682.Ar YES ,
683run the NFS client daemons at boot time.
684.It Ar nfs_client_flags
685(str) If
686.Ar nfs_client_enable
687is set to
688.Ar YES ,
689these are the flags to pass to the
690.Xr nfsiod 8
691daemon.
692.It Ar nfs_access_cache
693if
694.Ar nfs_client_enable
695is set to
696.Ar YES ,
697this can be set to
698.Ar 0
699to disable NFS ACCESS RPC caching, or to the number of seconds for which NFS ACCESS
700results should be cached. A value of 2-10 seconds will substantially reduce network
701traffic for many NFS operations.
702.It Ar nfs_server_enable
703(bool) If set to
704.Ar YES ,
705run the NFS server daemons at boot time.
706.It Ar nfs_server_flags
707(str) If
708.Ar nfs_server_enable
709is set to
710.Ar YES ,
711these are the flags to pass to the
712.Xr nfsd 8
713daemon.
714.It Ar single_mountd_enable
715(bool) If set to
716.Ar YES ,
717and no
718.Ar nfs_server_enable
719is set, start
720.Xr mountd 8 ,
721but not
722.Xr nfsd 8
723daemon.
724It is commonly needed to run CFS without real NFS used.
725.It Ar weak_mountd_authentication
726(bool) If set to
727.Ar YES ,
728allow services like PCNFSD to make non-privileged mount
729requests.
730.It Ar nfs_privport
731(bool) If set to
732.Ar YES ,
733provide NFS services only on a secure port.
734.It Ar nfs_bufpackets
735(integer) If set to a number, indicates the number of packets worth of
736socket buffer space to reserve on an NFS client. If set to
737.Ar DEFAULT ,
738the kernel default is used (typically 4). Using a higher number may be
739useful on gigabit networks to improve performance. The minimum value is
7402 and the maximum is 64.
741.It Ar rpc_lockd_enable
742(bool) If set to
743.Ar YES
744and also an NFS server, run
745.Xr rpc.lockd 8
746at boot time.
747.It Ar rpc_statd_enable
748(bool) If set to
749.Ar YES
750and also an NFS server, run
751.Xr rpc.statd 8
752at boot time.
753.It Ar portmap_program
754(str) path to
755.Xr portmap 8
756(default
757.Pa /usr/sbin/portmap ) .
758.It Ar portmap_enable
759(bool) If set to
760.Ar YES ,
761run the
762.Xr portmap 8
763service at boot time.
764.It Ar portmap_flags
765(str) If
766.Ar portmap_enable
767is set to
768.Ar YES ,
769these are the flags to pass to the
770.Xr portmap 8
771daemon.
772.It Ar xtend_enable
773(bool) If set to
774.Ar YES
775then run the
776.Xr xtend 8
777daemon at boot time.
778.It Ar xtend_flags
779(str) If
780.Ar xtend_enable
781is set to
782.Ar YES ,
783these are the flags to pass to the
784.Xr xtend 8
785daemon.
786.It Ar pppoed_enable
787(bool) If set to
788.Ar YES
789then run the
790.Xr pppoed 8
791daemon at boot time to provide PPP over Ethernet services.
792.It Ar pppoed_provider
793.Xr pppoed 8
794listens to requests to this
795.Ar provider
796and ultimately runs
797.Xr ppp 8
798with a
799.Ar system
800argument of the same name.
801.It Ar pppoed_flags
802Additional flags to pass to
803.Xr pppoed 8 .
804.It Ar pppoed_interface
805The network interface to run pppoed on. This is mandatory when
806.Ar pppoed_enable
807is set to
808.Dq YES .
809.It Ar timed_enable
810(boot) if
811.Ar YES
812then run the
813.Xr timed 8
814service at boot time. This command is intended for networks of
815machines where a consistent
816.Qq "network time"
817for all hosts must be established. This is often useful in large NFS
818environments where time stamps on files are expected to be consistent
819network-wide.
820.It Ar timed_flags
821(str) If
822.Ar timed_enable
823is set to
824.Ar YES ,
825these are the flags to pass to the
826.Xr timed 8
827service.
828.It Ar ntpdate_enable
829(bool) If set to
830.Ar YES ,
831run ntpdate at system startup. This command is intended to
832synchronize the system clock only
833.Ar once
834from some standard reference. An option to set this up initially
835(from a list of known servers) is also provided by the
836.Pa /stand/sysinstall
837program when the system is first installed.
838.It Ar ntpdate_program
839(str) path to
840.Xr ntpdate 8
841(default
842.Pa /usr/sbin/ntpdate ) .
843.It Ar ntpdate_flags
844(str) If
845.Ar ntpdate_enable
846is set to
847.Ar YES ,
848these are the flags to pass to the
849.Xr ntpdate 8
850command (typically a hostname).
851.It Ar xntpd_enable
852(bool) If set to
853.Ar YES
854then run the
855.Xr xntpd 8
856command at boot time.
857.It Ar xntpd_program
858(str) path to
859.Xr xntpd 8
860(default
861.Pa /usr/sbin/xntpd ) .
862.It Ar xntpd_flags
863(str) If
864.Ar xntpd_enable
865is set to
866.Ar YES ,
867these are the flags to pass to the
868.Xr xntpd 8
869daemon.
870.It Ar nis_client_enable
871(bool) If set to
872.Ar YES
873then run the
874.Xr ypbind 8
875service at system boot time.
876.It Ar nis_client_flags
877(str) If
878.Ar nis_client_enable
879is set to
880.Ar YES ,
881these are the flags to pass to the
882.Xr ypbind 8
883service.
884.It Ar nis_ypset_enable
885(bool) If set to
886.Ar YES
887then run the
888.Xr ypset 8
889daemon at system boot time.
890.It Ar nis_ypset_flags
891(str) If
892.Ar nis_ypset_enable
893is set to
894.Ar YES ,
895these are the flags to pass to the
896.Xr ypset 8
897daemon.
898.It Ar nis_server_enable
899(bool) If set to
900.Ar YES
901then run the
902.Xr ypserv 8
903daemon at system boot time.
904.It Ar nis_server_flags
905(str) If
906.Ar nis_server_enable
907is set to
908.Ar YES ,
909these are the flags to pass to the
910.Xr ypserv 8
911daemon.
912.It Ar nis_ypxfrd_enable
913(bool) If set to
914.Ar YES
915then run the
916.Xr ypxfrd 8
917daemon at system boot time.
918.It Ar nis_ypxfrd_flags
919(str) If
920.Ar nis_ypxfrd_enable
921is set to
922.Ar YES ,
923these are the flags to pass to the
924.Xr ypxfrd 8
925daemon.
926.It Ar nis_yppasswdd_enable
927(bool) If set to
928.Ar YES
929then run the
930.Xr yppasswdd 8
931daemon at system boot time.
932.It Ar nis_yppasswdd_flags
933(str) If
934.Ar nis_yppasswdd_enable
935is set to
936.Ar YES ,
937these are the flags to pass to the
938.Xr yppasswdd 8
939daemon.
940.It Ar defaultrouter
941(str) If not set to
942.Ar NO
943then create a default route to this host name or IP address (use IP
944address value if you also require this router to get to a name
945server!)
946.It Ar static_routes
947(str) Set to the list of static routes you would like to add at system
948boot time. If not set to
949.Ar NO
950then for each whitespace separated
951.Em element
952in the value, a
953.No route_ Ns element
954variable is assumed to exist
955whose contents will later be passed to a
956.Dq route add
957operation.
958.It Ar gateway_enable
959(bool) If set to
960.Ar YES ,
961then configure host to at as an IP router, e.g. to forward packets
962between interfaces.
963.It Ar router_enable
964(bool) If set to
965.Ar YES
966then run a routing daemon of some sort, based on the
967settings of
968.Ar router
969and
970.Ar router_flags .
971.It Ar router
972(str) If
973.Ar router_enable
974is set to
975.Ar YES ,
976this is the name of the routing daemon to use.
977.It Ar router_flags
978(str) If
979.Ar router_enable
980is set to
981.Ar YES ,
982these are the flags to pass to the routing daemon.
983.It Ar mrouted_enable
984(bool) If set to
985.Ar YES
986then run the multicast routing daemon,
987.Xr mrouted 8 .
988.It Ar mrouted_flags
989(str) If
990.Ar mrouted_enable
991is set to
992.Ar YES ,
993these are the flags to pass to the multicast routing daemon.
994.It Ar ipxgateway_enable
995(bool) If set to
996.Ar YES
997then enable the routing of IPX traffic.
998.It Ar ipxrouted_enable
999(bool) If set to
1000.Ar YES
1001then run the
1002.Xr IPXrouted 8
1003daemon at system boot time.
1004.It Ar ipxrouted_flags
1005(str) If
1006.Ar ipxrouted_enable
1007is set to
1008.Ar YES ,
1009these are the flags to pass to the
1010.Xr IPXrouted 8
1011daemon.
1012.It Ar arpproxy_all
1013If set to
1014.Ar YES
1015then enable global proxy ARP.
1016.It Ar forward_sourceroute
1017If set to
1018.Ar YES
1019then when
1020.Ar gateway_enable
1021is also set to
1022.Ar YES ,
1023source routed packets are forwarded.
1024.It Ar accept_sourceroute
1025If set to
1026.Ar YES
1027then the system will accept source routed packets directed at it.
1028.It Ar rarpd_enable
1029(bool) If set to
1030.Ar YES
1031then run the
1032.Xr rarpd 8
1033daemon at system boot time.
1034.It Ar rarpd_flags
1035(str) If
1036.Ar rarpd_enable
1037is set to
1038.Ar YES ,
1039these are the flags to pass to the
1040.Xr rarpd 8
1041daemon.
1042.It Ar atm_enable
1043(bool) Set to
1044.Ar YES
1045to enable the configuration of ATM interfaces at system boot time.
1046For all of the ATM variables described below, please refer to the
1047.Xr atm 8
1048man page for further details on the available command parameters.
1049Also refer to the files in
1050.Pa /usr/share/examples/atm
1051for more detailed configuration information.
1052.It Ar atm_netif_<intf>
1053(str) For the ATM physical interface
1054.Va <intf> ,
1055this variable defines the name prefix and count for the ATM network interfaces to be created.
1056The value will be passed as the parameters of an
1057.Dq atm set netif Va <intf>
1058command.
1059.It Ar atm_sigmgr_<intf>
1060(str) For the ATM physical interface
1061.Va <intf> ,
1062this variable defines the ATM signalling manager to be used.
1063The value will be passed as the parameters of an
1064.Dq atm attach Va <intf>
1065command.
1066.It Ar atm_prefix_<intf>
1067(str) For the ATM physical interface
1068.Va <intf> ,
1069this variable defines the NSAP prefix for interfaces using a UNI signalling
1070manager. If set to
1071.Em ILMI ,
1072then the prefix will automatically be set via the
1073.Xr ilmid 8
1074daemon. Otherwise, the value will be passed as the parameters of an
1075.Dq atm set prefix Va <intf>
1076command.
1077.It Ar atm_macaddr_<intf>
1078(str) For the ATM physical interface
1079.Va <intf> ,
1080this variable defines the MAC address for interfaces using a UNI signalling
1081manager. If set to
1082.Em NO ,
1083then the hardware MAC address contained in the ATM interface card will be used.
1084Otherwise, the value will be passed as the parameters of an
1085.Dq atm set mac Va <intf>
1086command.
1087.It Ar atm_arpserver_<netif>
1088(str) For the ATM network interface
1089.Va <netif> ,
1090this variable defines the ATM address for a host which is to provide ATMARP
1091service. This variable is only applicable to interfaces using a UNI signalling
1092manager. If set to
1093.Em local ,
1094then this host will become an ATMARP server.
1095The value will be passed as the parameters of an
1096.Dq atm set arpserver Va <netif>
1097command.
1098.It Ar atm_scsparp_<netif>
1099(bool) If set to
1100.Em YES ,
1101then SCSP/ATMARP service for the network interface
1102.Va <netif>
1103will be initiated using the
1104.Xr scspd 8
1105and
1106.Xr atmarpd 8
1107daemons. This variable is only applicable if
1108.So
1109.No atm_arpserver_ Ns Va <netif>
1110.No Ns = Ns Qq local
1111.Sc
1112is defined.
1113.It Ar atm_pvcs
1114(str) Set to the list of ATM PVCs you would like to add at system
1115boot time. For each whitespace separated
1116.Em element
1117in the value, an
1118.No atm_pvc_ Ns Em element
1119variable is assumed to exist. The value of each of these variables
1120will be passed as the parameters of an
1121.Dq atm add pvc
1122command.
1123.It Ar atm_arps
1124(str) Set to the list of permanent ATM ARP entries you would like to add
1125at system boot time. For each whitespace separated
1126.Em element
1127in the value, an
1128.No atm_arp_ Ns Em element
1129variable is assumed to exist. The value of each of these variables
1130will be passed as the parameters of an
1131.Dq atm add arp
1132command.
1133.It Ar keymap
1134(str) If set to
1135.Ar NO
1136then no keymap is installed, otherwise the value is used to install
1137the keymap file in
1138.Pa /usr/share/syscons/keymaps/<value>.kbd
1139.It Ar keyrate
1140(str) The keyboard repeat speed. Set to
1141.Ar slow ,
1142.Ar normal ,
1143.Ar fast
1144or
1145.Ar NO
1146if the default behavior is desired.
1147.It Ar keychange
1148(str) If not set to
1149.Ar NO ,
1150attempt to program the function keys with the value. The value should
1151be a single string of the form:
1152.Qq Ar "<funkey_number> <new_value> [<funkey_number> <new_value>]..."
1153.It Ar cursor
1154(str) Can be set to the value of
1155.Ar normal ,
1156.Ar blink ,
1157.Ar destructive
1158or
1159.Ar NO
1160to set the cursor behavior explicitly or choose the default behavior.
1161.It Ar scrnmap
1162(str) If set to
1163.Ar NO
1164then no screen map is installed, otherwise the value is used to install
1165the screen map file in
1166.Pa /usr/share/syscons/scrnmaps/<value> .
1167.It Ar font8x16
1168(str) If set to
1169.Ar NO
1170then the default 8x16 font value is used for screen size requests, otherwise
1171the value in
1172.Pa /usr/share/syscons/fonts/<value>
1173is used.
1174.It Ar font8x14
1175(str) If set to
1176.Ar NO
1177then the default 8x14 font value is used for screen size requests, otherwise
1178the value in
1179.Pa /usr/share/syscons/fonts/<value>
1180is used.
1181.It Ar font8x8
1182(str) If set to
1183.Ar NO
1184then the default 8x8 font value is used for screen size requests, otherwise
1185the value in
1186.Pa /usr/share/syscons/fonts/<value>
1187is used.
1188.It Ar blanktime
1189(int) If set to
1190.Ar NO
1191then the default screen blanking interval is used, otherwise it is set
1192to
1193.Ar value
1194seconds.
1195.It Ar saver
1196(str) If not set to
1197.Ar NO ,
1198this is the actual screen saver to use (blank, snake, daemon, etc).
1199.It Ar moused_enable
1200(str) If set to
1201.Ar YES ,
1202the
1203.Xr moused 8
1204daemon is started for doing cut/paste selection on the console.
1205.It Ar moused_type
1206(str) This is the protocol type of mouse you would like to use.
1207This variable must be set if
1208.Ar moused_enable
1209is set to
1210.Ar YES .
1211The
1212.Xr moused 8
1213daemon
1214is able to detect the appropriate mouse type automatically in many cases.
1215You can set this variable to
1216.Ar auto
1217to let the daemon detect it, or
1218select one from the following list if the automatic detection fails.
1219.Pp
1220If your mouse is attached to the PS/2 mouse port, you should
1221always choose
1222.Ar auto
1223or
1224.Ar ps/2 ,
1225regardless of the brand and model of the mouse. Likewise, if your
1226mouse is attached to the bus mouse port, choose
1227.Ar auto
1228or
1229.Ar busmouse .
1230All other protocols are for serial mice and will not work with
1231the PS/2 and bus mice.
1232If you have a USB mouse,
1233.Ar auto
1234is the only protocol type which works with the USB mouse.
1235.Bd -literal
1236microsoft Microsoft mouse (serial)
1237intellimouse Microsoft IntelliMouse (serial)
1238mousesystems Mouse systems Corp mouse (serial)
1239mmseries MM Series mouse (serial)
1240logitech Logitech mouse (serial)
1241busmouse A bus mouse
1242mouseman Logitech MouseMan and TrackMan (serial)
1243glidepoint ALPS GlidePoint (serial)
1244thinkingmouse Kensignton ThinkingMouse (serial)
1245ps/2 PS/2 mouse
1246mmhittab MM HitTablet (serial)
1247x10mouseremote X10 MouseRemote (serial)
1248versapad Interlink VersaPad (serial)
1249
1250.Ed
1251Even if your mouse is not in the above list, it may be compatible
1252with one in the list.
1253Refer to the man page for
1254.Xr moused 8
1255for compatibility information.
1256.Pp
1257It should also be noted that while this is enabled, any
1258other client of the mouse (such as an X server) should access
1259the mouse through the virtual mouse device:
1260.Pa /dev/sysmouse
1261and configure it as a sysmouse type mouse, since all
1262mouse data is converted to this single canonical format when
1263using
1264.Xr moused 8 .
1265If the client program does not support the sysmouse type,
1266specify the mousesystems type.
1267It is the second prefered type.
1268.It Ar moused_port
1269(str) If
1270.Ar moused_enable
1271is set to
1272.Ar YES ,
1273this is the actual port the mouse is on.
1274It might be
1275.Pa /dev/cuaa0
1276for a COM1 serial mouse,
1277.Pa /dev/psm0
1278for a PS/2 mouse or
1279.Pa /dev/mse0
1280for a bus mouse, for example.
1281.It Ar moused_flags
1282(str) If
1283.Ar moused_type
1284is set, these are the additional flags to pass to the
1285.Xr moused 8
1286daemon.
1287.It Ar allscreens_flags
1288(str) If set,
1289.Xr vidcontrol 1
1290is run with these options for each of the virtual terminals
1291.Pq Pa /dev/ttyv* .
1292For example,
1293.Ar -m on
1294will enable the mouse pointer on all virtual terminals
1295if
1296.Ar moused_enable
1297is set to
1298.Ar YES .
1299.It Ar cron_enable
1300(bool) If set to
1301.Ar YES
1302then run the
1303.Xr cron 8
1304daemon at system boot time.
1305.It Ar lpd_program
1306(str) path to
1307.Xr lpd 8
1308(default
1309.Pa /usr/sbin/lpd ) .
1310.It Ar lpd_enable
1311(bool) If set to
1312.Ar YES
1313then run the
1314.Xr lpd 8
1315daemon at system boot time.
1316.It Ar lpd_flags
1317(str) If
1318.Ar lpd_enable
1319is set to
1320.Ar YES ,
1321these are the flags to pass to the
1322.Xr lpd 8
1323daemon.
1324.It Ar sendmail_enable
1325(bool) If set to
1326.Ar YES
1327then run the
1328.Xr sendmail 8
1329daemon at system boot time.
1330.It Ar sendmail_flags
1331(str) If
1332.Ar sendmail_enable
1333is set to
1334.Ar YES ,
1335these are the flags to pass to the
1336.Xr sendmail 8
1337daemon.
1338.It Ar dumpdev
1339(str) If not set to
1340.Ar NO
1341then point kernel crash-dumps at the swap device
1342specified as
1343.Em value .
1344When the system restarts,
1345a crash-dump found on the specified device
1346will typically be stored in the
1347.Pa /var/crash
1348directory by the
1349.Xr savecore 8
1350program.
1351.It Ar check_quotas
1352(bool) Set to
1353.Ar YES
1354if you want to enable user disk quota checking via the
1355.Xr quotacheck 8
1356command.
1357.It Ar accounting_enable
1358(bool) Set to
1359.Ar YES
1360if you wish to enable system accounting through the
1361.Xr accton 8
1362facility.
1363.It Ar ibcs2_enable
1364(bool) Set to
1365.Ar YES
1366if you wish to enable iBCS2 (SCO) binary emulation at system initial boot
1367time.
1368.It Ar ibcs2_loaders
1369(str) If not set to
1370.Ar NO
1371and if
1372.Ar ibcs2_enable
1373is set to
1374.Ar YES ,
1375this specifies a list of additional iBCS2 loaders to enable.
1376.It Ar linux_enable
1377(bool) Set to
1378.Ar YES
1379if you wish to enable Linux/ELF binary emulation at system initial
1380boot time.
1381.It Ar osf1_enable
1382(bool) Set to
1383.Ar YES
1384if you wish to enable OSF/1 (Digital UNIX) binary emulation at system
1385initial boot time. (alpha)
1386.It Ar clear_tmp_enable
1387(bool) Set to
1388.Ar YES
1389if you want
1390.Pa /tmp
1391to be cleaned at startup.
1392.It Ar ldconfig_paths
1393(str) Set to the list of shared library paths to use with
1394.Xr ldconfig 8 .
1395NOTE:
1396.Pa /usr/lib
1397will always be added first, so it need not appear in this list.
1398.It Ar ldconfig_insecure
1399(bool) The
1400.Xr ldconfig 8
1401utility normally refuses to use directories
1402which are writable by anyone except root.
1403Set this variable to
1404.Ar YES
1405if you want to disable that security check during system startup.
1406.It Ar kern_securelevel_enable
1407(bool) Set to
1408.Ar YES
1409if you wish to set the kernel security level at system startup.
1410.It Ar kern_securelevel
1411(int) The kernel security level to set at startup.
1412The allowed range of
1413.Ar value
1414ranges from -1 (the compile time default) to 3 (the
1415most secure). See
1416.Xr init 8
1417for the list of possible security levels and their effect
1418on system operation.
1419.It Ar start_vinum
1420(bool) Set to
1421.Ar YES
1422if you want to start
1423.Xr vinum 8
1424at system boot time.
1425.It Ar sshd_program
1426(str) Path to the SSH server program
1427.Po
1428.Pa /usr/sbin/sshd
1429is the default
1430.Pc .
1431.It Ar sshd_enable
1432(bool) Set to
1433.Ar YES
1434if you want to start
1435.Xr sshd 8
1436at system boot time.
1437.It Ar sshd_flags
1438(str) If
1439.Ar sshd_enable
1440is set to
1441.Ar YES ,
1442these are the flags to pass to the
1443.Xr sshd 8
1444daemon.
1445.It Ar unaligned_print
1446(bool) If set to
1447.Ar NO
1448then unaligned access warnings will not be printed. (alpha)
| 26.\"
27.Dd July 3, 2000
28.Dt RC.CONF 5
29.Os
30.Sh NAME
31.Nm rc.conf
32.Nd system configuration information.
33.Sh DESCRIPTION
34The file
35.Nm
36contains descriptive information about the local host name, configuration
37details for any potential network interfaces and which services should be
38started up at system initial boot time. In new installations, the
39.Nm
40file is generally initialized by the system installation utility:
41.Pa /stand/sysinstall .
42.Pp
43The purpose of
44.Nm
45is not to run commands or perform system startup actions
46directly. Instead, it is included by the
47various generic startup scripts in
48.Pa /etc
49which conditionalize their
50internal actions according to the settings found there.
51.Pp
52The
53.Pa /etc/rc.conf
54file is included from the file
55.Pa /etc/defaults/rc.conf ,
56which specifies the default settings for all the available options.
57Options
58need only be specified in
59.Pa /etc/rc.conf
60when the system administrator wishes to override these defaults.
61The file
62.Pa /etc/rc.conf.local
63is used to override settings in
64.Pa /etc/rc.conf
65for historical reasons.
66See the
67.Dq rc_conf_files
68option below.
69.Pp
70The following list provides a name and short description for each
71variable you can set in the
72.Nm
73file:
74.Bl -tag -width Ar
75.It Ar swapfile
76(str) If set to
77.Ar NO
78then no swapfile is installed, otherwise the value is used as the full
79pathname to a file to use for additional swap space.
80.It Ar apm_enable
81(bool) If set to
82.Ar YES ,
83enable support for Automatic Power Management with
84the
85.Xr apm 8
86command.
87.It Ar apmd_enable
88(bool) Run
89.Xr apmd 8
90to handle APM event from userland.
91This also enable support for APM.
92.It Ar apmd_flags
93(str) If
94.Ar apmd_enable
95is set to
96.Ar YES ,
97these are the flags to pass to the
98.Xr apmd 8
99daemon.
100.It Ar pccard_enable
101(bool) If set to
102.Ar YES ,
103enable PCCARD support at boot time.
104.It Ar pccard_mem
105(str) Set to PCCARD controller memory address or
106.Ar DEFAULT
107for the default value.
108.It Ar pccard_ifconfig
109(str) List of arguments to be passed to ifconfig(8) at boot time or on
110insertion of of the card (e.g. "inet 192.168.1.1 netmask 255.255.255.0"
111for a fixed address or "DHCP" for a DHCP client).
112.It Ar pccard_beep
113(integer) If 0,
114set the PCCARD controller to silent mode.
115If 1,
116set it to beep mode.
117If 2,
118set it to melody mode.
119.It Ar pccard_conf
120(str) Path to the configuration file for the
121.Xr pccardd 8
122daemon (e.g.
123.Pa /etc/pccard.conf.sample ) .
124.It Ar pccardd_flags
125(str) If
126.Ar pccard_enable
127is set to
128.Ar YES ,
129these are the flags to pass to the
130.Xr pccardd 8
131daemon.
132.It Ar local_startup
133(str) List of directories to search for startup script files.
134.It Ar hostname
135(str) The Fully Qualified Domain Name of your host on the network.
136This should almost certainly be set to something meaningful, even if
137you are not connected to a network. If you are using
138.Xr dhclient 8
139to set your hostname via DHCP, this variable should be set to an empty string.
140.It Ar nisdomainname
141(str) The NIS domainname of your host, or
142.Ar NO
143if you are not running NIS.
144.It Ar dhcp_program
145(str) Path to the DHCP client program
146.Po
147.Pa /sbin/dhclient ,
148the ISC DHCP client,
149is the default
150.Pc .
151.It Ar dhcp_flags
152(str) Additional flags to pass to the DHCP client program.
153For the ISC DHCP client, see the
154.Xr dhclient 8
155page for a description of the command line options available.
156.It Ar firewall_enable
157(bool) Set to
158.Ar NO
159if you do not want have firewall rules loaded at startup, or
160.Ar YES
161if you do.
162If set to
163.Ar YES ,
164and the kernel was not built with IPFIREWALL, the ipfw
165kernel module will be loaded.
166See also
167.Ar ipfilter_enable .
168.It Ar firewall_script
169(str) If you want to run a firewall script other than
170.Pa /etc/rc.firewall ,
171set this variable to the full path to that script.
172.It Ar firewall_type
173(str) Names the firewall type from the selection in
174.Pa /etc/rc.firewall ,
175or the file which contains the local firewall ruleset. Valid selections
176from
177.Pa /etc/rc.firewall ,
178are
179.Dq open
180- unrestricted IP access;
181.Dq closed
182- all IP services disabled, except via lo0;
183.Dq client
184- basic protection for a workstation;
185.Dq simple
186- basic protection for a LAN. If a filename is specified, the full path
187must be given.
188.It Ar firewall_quiet
189(bool) Set to
190.Ar YES
191to disable the display of ipfw rules on the console during boot.
192.It Ar firewall_logging
193(bool) Set to
194.Ar YES
195to enable ipfw event logging.
196This is equivalent to the IPFIREWALL_VERBOSE kernel option.
197.It Ar natd_program
198(str) path to
199.Xr natd 8 .
200.It Ar natd_enable
201(bool) Set to
202.Ar YES
203to enable natd.
204.Ar Firewall_enable
205must also be set to
206.Ar YES ,
207and
208.Xr divert 4
209sockets must be enabled in your kernel.
210.It Ar natd_interface
211This is the name of the public interface on which natd should run. It
212is mandatory if
213.Ar natd_enable
214is set to
215.Ar YES .
216The interface may be given as an interface name or as an IP address.
217.It Ar natd_flags
218Additional natd flags should be placed here. The
219.Fl n
220or
221.Fl a
222flag is automatically added with the above
223.Ar natd_interface
224as an argument.
225.\" ----- ipfilter_enable seting --------------------------------
226.It Ar ipfilter_enable
227(bool) Set to
228.Ar NO
229by default.
230Setting this to
231.Ar YES
232enables
233.Xr ipf 8
234packet filtering.
235Strictly speaking almost any filter could be established
236"abusing" this setting and the fact that
237.Ar ipfilter_program ,
238.Ar ipfilter_rules
239and
240.Ar ipfilter_flags
241are concatenated to form a command,
242as long as the file specified in
243.Ar ipfilter_rules
244is readable.
245When
246.Ar ipfilter_enable
247and
248.Ar ipnat_enable
249are set to
250.Ar YES
251and the file specified in
252.Ar ipnat_rules
253is readable,
254.Ar ipnat_program ,
255.Ar ipnat_rules
256and
257.Ar ipnat_flags
258make up a command line to start a network address translation program.
259When
260.Ar ipfilter_enable
261and
262.Ar ipmon_enable
263are set to
264.Ar YES ,
265.Ar ipmon_program
266and
267.Ar ipmon_flags
268form another command line for monitoring the above actions.
269See
270.Pa /etc/rc.network
271for details.
272.Pp
273Typical usage will require putting
274.Bd -literal
275ipfilter_enable="YES"
276ipfilter_flags=""
277ipnat_enable="YES"
278ipmon_enable="YES"
279
280.Ed
281into
282.Pa /etc/rc.conf
283and editing
284.Pa /etc/ipf.rules
285and
286.Pa /etc/ipnat.rules
287appropriately.
288Turning off
289.Ar firewall_enable
290when using ipf is recommended.
291Having
292.Bd -literal
293options IPFILTER
294options IPFILTER_LOG
295options IPFILTER_DEFAULT_BLOCK
296
297.Ed
298in the kernel configuration file is a good idea, too.
299.\" ----- ipfilter_program setting ------------------------------
300.It Ar ipfilter_program
301(str) Set to
302.Ar /sbin/ipf -Fa -f
303by default.
304This variable contains a command line
305up to (but not including) the filter rule definition
306(expected to live in a separate file).
307See
308.Ar ipfilter_enable
309for a detailled discussion.
310.\" ----- ipfilter_rules setting --------------------------------
311.It Ar ipfilter_rules
312(str) Set to
313.Ar /etc/ipf.rules
314by default.
315This variable contains the name of the filter rule definition file.
316The file is expected to be readable for the filter command to execute.
317See
318.Ar ipfilter_enable
319for a detailled discussion.
320.\" ----- ipfilter_flags setting --------------------------------
321.It Ar ipfilter_flags
322(str) Set to
323.Ar -E
324by default.
325This variable contains flags appended to the filter command
326after the rule definition filename.
327The default setting will initialize an on demand loaded ipf module.
328When compiling ipfilter directly into your kernel (as is recommended)
329the variable should be empty to not initialize
330the code more than once.
331See
332.Ar ipfilter_enable
333for a detailled discussion.
334.\" ----- ipnat_enable setting ----------------------------------
335.It Ar ipnat_enable
336(bool) Set to
337.Ar NO
338by default.
339Set it to
340.Ar YES
341to enable
342.Xr ipnat 8
343network address translation.
344Setting this variable needs setting
345.Ar ipfilter_enable ,
346too.
347See
348.Ar ipfilter_enable
349for a detailled discussion.
350.\" ----- ipnat_program setting ---------------------------------
351.It Ar ipnat_program
352(str) Set to
353.Ar /sbin/ipnat -CF -f
354by default.
355This variable contains a command line
356up to (but not including) the translation rule definition
357(expected to live in a separate file).
358See
359.Ar ipfilter_enable
360for a detailled discussion.
361.\" ----- ipnat_rules setting -----------------------------------
362.It Ar ipnat_rules
363(str) Set to
364.Ar /etc/ipnat.rules
365by default.
366This variable contains the name of the file
367holding the network address translation definition.
368This file is expected to be readable for the NAT command to execute.
369See
370.Ar ipfilter_enable
371for a detailled discussion.
372.\" ----- ipnat_flags setting -----------------------------------
373.It Ar ipnat_flags
374(str) Empty by default.
375This variable contains additional flags
376appended to the ipnat command line
377after the rule definition filename.
378See
379.Ar ipfilter_enable
380for a detailled discussion.
381.\" ----- ipmon_enable setting ----------------------------------
382.It Ar ipmon_enable
383(bool) Set to
384.Ar NO
385by default.
386Set it to
387.Ar YES
388to enable
389.Xr ipmon 8
390monitoring (logging
391.Xr ipf 8
392and
393.Xr ipnat 8
394events).
395Setting this variable needs setting
396.Ar ipfilter_enable ,
397too.
398See
399.Ar ipfilter_enable
400for a detailled discussion.
401.\" ----- ipmon_program setting ---------------------------------
402.It Ar ipmon_program
403(str) Set to
404.Ar /sbin/ipmon
405by default.
406This variable contains the
407.Xr ipmon 8
408executable filename.
409See
410.Ar ipfilter_enable
411for a detailled discussion.
412.\" ----- ipmon_flags setting -----------------------------------
413.It Ar ipmon_flags
414(str) Set to
415.Ar -Ds
416by default.
417This variable contains flags passed to the
418.Xr ipmon 8
419program.
420Another typical example would be
421.Ar -D /var/log/ipflog
422to have
423.Xr ipmon 8
424log directly to a file bypassing
425.Xr syslogd 8 .
426Make sure to adjust
427.Pa /etc/newsyslog.conf
428in such case like this:
429.Bd -literal
430/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
431
432.Ed
433See
434.Ar ipfilter_enable
435for a detailled discussion.
436.\" ----- end of added ipf hook ---------------------------------
437.It Ar tcp_extensions
438(bool) Set to
439.Ar NO
440by default.
441Setting this to YES enables certain TCP options as described by
442.Rs
443.%T RFC 1323
444.Re
445If you have problems with connections
446randomly hanging or other weird behavior of such nature, you might
447try setting this back to
448.Ar NO
449and seeing if that helps. Some hardware/software out there is known
450to be broken with respect to these options.
451.It Ar log_in_vain
452(bool) Set to
453.Ar NO
454by default.
455Setting to YES will enable logging of connection attempts to ports that
456have no listening socket on them.
457.It Ar tcp_keepalive
458(bool) Set to
459.Ar YES
460by default.
461Setting to NO will disable probing idle TCP connections to verify that the
462peer is still up and reachable.
463.It Ar tcp_drop_synfin
464(bool) Set to
465.Ar NO
466by default.
467Setting to YES will cause the kernel to ignore TCP frames that have both
468the SYN and FIN flags set.
469This prevents OS fingerprinting, but may
470break some legitimate applications.
471This option is only available if the
472kernel was built with the TCP_DROP_SYNFIN option.
473.It Ar tcp_restrict_rst
474(bool) Set to
475.Ar NO
476by default.
477Setting to YES will cause the kernel to refrain from emitting TCP RST frames
478in response to invalid TCP packets (e.g. frames destined for closed ports).
479This option is only available if the kernel was built with the
480TCP_RESTRICT_RST option.
481.It Ar icmp_drop_redirect
482(bool) Set to
483.Ar NO
484by default.
485Setting to YES will cause the kernel to ignore ICMP REDIRECT packets.
486.It Ar icmp_log_redirect
487(bool) Set to
488.Ar NO
489by default.
490Setting to YES will cause the kernel to log ICMP REDIRECT packets.
491Note that
492the log messages are not rate-limited, so this option should only be used
493for troubleshooting your own network.
494.It Ar network_interfaces
495(str) Set to the list of network interfaces to configure on this host.
496For example, if you had a loopback device (standard) and an SMC Elite
497Ultra NIC, you might have this set to
498.Qq Ar "lo0 ed0"
499for the two interfaces. An
500.No ifconfig_ Ns Em interface
501variable is also assumed to exist for each value of
502.Em interface .
503It is also possible to add IP alias entries here in cases where you
504want a single interface to have multiple IP addresses registered against
505it.
506Assuming that the interface in question was ed0, it might look
507something like this:
508.Bd -literal
509ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
510ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
511
512.Ed
513And so on. For each ifconfig_<interface>_alias<n> entry that is
514found, its contents are passed to
515.Xr ifconfig 8 .
516Execution stops at the first unsuccessful access, so if you
517had something like:
518.Bd -literal
519ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
520ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
521ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
522ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
523
524.Ed
525Then note that alias4 would
526.Em not
527be added since the search would
528stop with the missing alias3 entry.
529.Pp
530You can bring up an interface with DHCP by setting the
531.No ifconfig_ Ns Em interface
532variable to
533.Dq DHCP .
534For instance, to initialize your ed0 device via DHCP,
535you might have something like:
536.Bd -literal
537ifconfig_ed0="DHCP"
538.Ed
539.It Ar ppp_enable
540(bool) If set to
541.Ar YES ,
542run the
543.Xr ppp 8
544daemon.
545.It Ar ppp_mode
546(str) Mode in which to run the
547.Xr ppp 8
548daemon. Accepted modes are
549.Ar auto , ddial , direct
550and
551.Ar dedicated .
552See the manual for a full description.
553.It Ar ppp_nat
554(bool) If set to
555.Ar YES ,
556enables packet aliasing.
557Used in conjunction with
558.Ar gateway_enable
559allows hosts on private network addresses access to the Internet using
560this host as a network address translating router.
561.It Ar ppp_profile
562(str) The name of the profile to use from
563.Pa /etc/ppp/ppp.conf .
564.It Ar ppp_user
565(str) The name of the user under which ppp should be started. By
566default, ppp is started as
567.Ar root .
568.It Ar rc_conf_files
569(str) This option is used to specify a list of files that will override
570the settings in
571.Pa /etc/defaults/rc.conf .
572The files will be read in the order in which they are specified and should
573include the full path to the file.
574By default, the files specified are
575.Pa /etc/rc.conf
576and
577.Pa /etc/rc.conf.local
578.It Ar syslogd_enable
579(bool) If set to
580.Ar YES ,
581run the
582.Xr syslogd 8
583daemon.
584.It Ar syslogd_flags
585(str) if syslogd_enable is set to
586.Ar YES ,
587these are the flags to pass to
588.Xr syslogd 8 .
589.It Ar inetd_enable
590(bool) If set to
591.Ar YES ,
592run the
593.Xr inetd 8
594daemon.
595.It Ar inetd_flags
596(str) if inetd_enable is set to
597.Ar YES ,
598these are the flags to pass to
599.Xr inetd 8 .
600.It Ar named_enable
601(bool) If set to
602.Ar YES ,
603run the
604.Xr named 8
605daemon.
606.It Ar named_program
607(str) path to
608.Xr named 8
609(default
610.Pa /usr/sbin/named ) .
611.It Ar named_flags
612(str) if
613.Ar named_enable
614is set to
615.Ar YES ,
616these are the flags to pass to
617.Xr named 8 .
618.It Ar kerberos_server_enable
619(bool) Set to
620.Ar YES
621if you want to run a Kerberos authentication server
622at boot time.
623.It Ar kadmind_server_enable
624.Ar YES
625if you want to run
626.Xr kadmind 8
627the Kerberos Administration Daemon); set to
628.Ar NO
629on a slave server.
630.It Ar kerberos_stash
631(str)
632If
633.Ar YES ,
634instruct the Kerberos servers to use the stashed master key instead of
635prompting for it (only if
636.Ar kerberos_server_enable
637is set to
638.Ar YES ,
639and is used for both
640.Xr kerberos 1
641and
642.Xr kadmind 8 ).
643.It Ar rwhod_enable
644(bool) If set to
645.Ar YES ,
646run the
647.Xr rwhod 8
648daemon at boot time.
649.It Ar rwhod_flags
650(str) If
651.Ar rwhod_enable
652is set to
653.Ar YES ,
654these are the flags to pass to it.
655.It Ar amd_enable
656(bool) If set to
657.Ar YES ,
658run the
659.Xr amd 8
660daemon at boot time.
661.It Ar amd_flags
662(str) If
663.Ar amd_enable
664is set to
665.Ar YES ,
666these are the flags to pass to it.
667See the
668.Xr amd 8
669.Xr info 1
670page for more information.
671.It Ar update_motd
672(bool) If set to
673.Ar YES ,
674.Pa /etc/motd
675will be updated at boot time to reflect the kernel release
676bring run. If set to
677.Ar NO ,
678.Pa /etc/motd
679will not be updated
680.It Ar nfs_client_enable
681(bool) If set to
682.Ar YES ,
683run the NFS client daemons at boot time.
684.It Ar nfs_client_flags
685(str) If
686.Ar nfs_client_enable
687is set to
688.Ar YES ,
689these are the flags to pass to the
690.Xr nfsiod 8
691daemon.
692.It Ar nfs_access_cache
693if
694.Ar nfs_client_enable
695is set to
696.Ar YES ,
697this can be set to
698.Ar 0
699to disable NFS ACCESS RPC caching, or to the number of seconds for which NFS ACCESS
700results should be cached. A value of 2-10 seconds will substantially reduce network
701traffic for many NFS operations.
702.It Ar nfs_server_enable
703(bool) If set to
704.Ar YES ,
705run the NFS server daemons at boot time.
706.It Ar nfs_server_flags
707(str) If
708.Ar nfs_server_enable
709is set to
710.Ar YES ,
711these are the flags to pass to the
712.Xr nfsd 8
713daemon.
714.It Ar single_mountd_enable
715(bool) If set to
716.Ar YES ,
717and no
718.Ar nfs_server_enable
719is set, start
720.Xr mountd 8 ,
721but not
722.Xr nfsd 8
723daemon.
724It is commonly needed to run CFS without real NFS used.
725.It Ar weak_mountd_authentication
726(bool) If set to
727.Ar YES ,
728allow services like PCNFSD to make non-privileged mount
729requests.
730.It Ar nfs_privport
731(bool) If set to
732.Ar YES ,
733provide NFS services only on a secure port.
734.It Ar nfs_bufpackets
735(integer) If set to a number, indicates the number of packets worth of
736socket buffer space to reserve on an NFS client. If set to
737.Ar DEFAULT ,
738the kernel default is used (typically 4). Using a higher number may be
739useful on gigabit networks to improve performance. The minimum value is
7402 and the maximum is 64.
741.It Ar rpc_lockd_enable
742(bool) If set to
743.Ar YES
744and also an NFS server, run
745.Xr rpc.lockd 8
746at boot time.
747.It Ar rpc_statd_enable
748(bool) If set to
749.Ar YES
750and also an NFS server, run
751.Xr rpc.statd 8
752at boot time.
753.It Ar portmap_program
754(str) path to
755.Xr portmap 8
756(default
757.Pa /usr/sbin/portmap ) .
758.It Ar portmap_enable
759(bool) If set to
760.Ar YES ,
761run the
762.Xr portmap 8
763service at boot time.
764.It Ar portmap_flags
765(str) If
766.Ar portmap_enable
767is set to
768.Ar YES ,
769these are the flags to pass to the
770.Xr portmap 8
771daemon.
772.It Ar xtend_enable
773(bool) If set to
774.Ar YES
775then run the
776.Xr xtend 8
777daemon at boot time.
778.It Ar xtend_flags
779(str) If
780.Ar xtend_enable
781is set to
782.Ar YES ,
783these are the flags to pass to the
784.Xr xtend 8
785daemon.
786.It Ar pppoed_enable
787(bool) If set to
788.Ar YES
789then run the
790.Xr pppoed 8
791daemon at boot time to provide PPP over Ethernet services.
792.It Ar pppoed_provider
793.Xr pppoed 8
794listens to requests to this
795.Ar provider
796and ultimately runs
797.Xr ppp 8
798with a
799.Ar system
800argument of the same name.
801.It Ar pppoed_flags
802Additional flags to pass to
803.Xr pppoed 8 .
804.It Ar pppoed_interface
805The network interface to run pppoed on. This is mandatory when
806.Ar pppoed_enable
807is set to
808.Dq YES .
809.It Ar timed_enable
810(boot) if
811.Ar YES
812then run the
813.Xr timed 8
814service at boot time. This command is intended for networks of
815machines where a consistent
816.Qq "network time"
817for all hosts must be established. This is often useful in large NFS
818environments where time stamps on files are expected to be consistent
819network-wide.
820.It Ar timed_flags
821(str) If
822.Ar timed_enable
823is set to
824.Ar YES ,
825these are the flags to pass to the
826.Xr timed 8
827service.
828.It Ar ntpdate_enable
829(bool) If set to
830.Ar YES ,
831run ntpdate at system startup. This command is intended to
832synchronize the system clock only
833.Ar once
834from some standard reference. An option to set this up initially
835(from a list of known servers) is also provided by the
836.Pa /stand/sysinstall
837program when the system is first installed.
838.It Ar ntpdate_program
839(str) path to
840.Xr ntpdate 8
841(default
842.Pa /usr/sbin/ntpdate ) .
843.It Ar ntpdate_flags
844(str) If
845.Ar ntpdate_enable
846is set to
847.Ar YES ,
848these are the flags to pass to the
849.Xr ntpdate 8
850command (typically a hostname).
851.It Ar xntpd_enable
852(bool) If set to
853.Ar YES
854then run the
855.Xr xntpd 8
856command at boot time.
857.It Ar xntpd_program
858(str) path to
859.Xr xntpd 8
860(default
861.Pa /usr/sbin/xntpd ) .
862.It Ar xntpd_flags
863(str) If
864.Ar xntpd_enable
865is set to
866.Ar YES ,
867these are the flags to pass to the
868.Xr xntpd 8
869daemon.
870.It Ar nis_client_enable
871(bool) If set to
872.Ar YES
873then run the
874.Xr ypbind 8
875service at system boot time.
876.It Ar nis_client_flags
877(str) If
878.Ar nis_client_enable
879is set to
880.Ar YES ,
881these are the flags to pass to the
882.Xr ypbind 8
883service.
884.It Ar nis_ypset_enable
885(bool) If set to
886.Ar YES
887then run the
888.Xr ypset 8
889daemon at system boot time.
890.It Ar nis_ypset_flags
891(str) If
892.Ar nis_ypset_enable
893is set to
894.Ar YES ,
895these are the flags to pass to the
896.Xr ypset 8
897daemon.
898.It Ar nis_server_enable
899(bool) If set to
900.Ar YES
901then run the
902.Xr ypserv 8
903daemon at system boot time.
904.It Ar nis_server_flags
905(str) If
906.Ar nis_server_enable
907is set to
908.Ar YES ,
909these are the flags to pass to the
910.Xr ypserv 8
911daemon.
912.It Ar nis_ypxfrd_enable
913(bool) If set to
914.Ar YES
915then run the
916.Xr ypxfrd 8
917daemon at system boot time.
918.It Ar nis_ypxfrd_flags
919(str) If
920.Ar nis_ypxfrd_enable
921is set to
922.Ar YES ,
923these are the flags to pass to the
924.Xr ypxfrd 8
925daemon.
926.It Ar nis_yppasswdd_enable
927(bool) If set to
928.Ar YES
929then run the
930.Xr yppasswdd 8
931daemon at system boot time.
932.It Ar nis_yppasswdd_flags
933(str) If
934.Ar nis_yppasswdd_enable
935is set to
936.Ar YES ,
937these are the flags to pass to the
938.Xr yppasswdd 8
939daemon.
940.It Ar defaultrouter
941(str) If not set to
942.Ar NO
943then create a default route to this host name or IP address (use IP
944address value if you also require this router to get to a name
945server!)
946.It Ar static_routes
947(str) Set to the list of static routes you would like to add at system
948boot time. If not set to
949.Ar NO
950then for each whitespace separated
951.Em element
952in the value, a
953.No route_ Ns element
954variable is assumed to exist
955whose contents will later be passed to a
956.Dq route add
957operation.
958.It Ar gateway_enable
959(bool) If set to
960.Ar YES ,
961then configure host to at as an IP router, e.g. to forward packets
962between interfaces.
963.It Ar router_enable
964(bool) If set to
965.Ar YES
966then run a routing daemon of some sort, based on the
967settings of
968.Ar router
969and
970.Ar router_flags .
971.It Ar router
972(str) If
973.Ar router_enable
974is set to
975.Ar YES ,
976this is the name of the routing daemon to use.
977.It Ar router_flags
978(str) If
979.Ar router_enable
980is set to
981.Ar YES ,
982these are the flags to pass to the routing daemon.
983.It Ar mrouted_enable
984(bool) If set to
985.Ar YES
986then run the multicast routing daemon,
987.Xr mrouted 8 .
988.It Ar mrouted_flags
989(str) If
990.Ar mrouted_enable
991is set to
992.Ar YES ,
993these are the flags to pass to the multicast routing daemon.
994.It Ar ipxgateway_enable
995(bool) If set to
996.Ar YES
997then enable the routing of IPX traffic.
998.It Ar ipxrouted_enable
999(bool) If set to
1000.Ar YES
1001then run the
1002.Xr IPXrouted 8
1003daemon at system boot time.
1004.It Ar ipxrouted_flags
1005(str) If
1006.Ar ipxrouted_enable
1007is set to
1008.Ar YES ,
1009these are the flags to pass to the
1010.Xr IPXrouted 8
1011daemon.
1012.It Ar arpproxy_all
1013If set to
1014.Ar YES
1015then enable global proxy ARP.
1016.It Ar forward_sourceroute
1017If set to
1018.Ar YES
1019then when
1020.Ar gateway_enable
1021is also set to
1022.Ar YES ,
1023source routed packets are forwarded.
1024.It Ar accept_sourceroute
1025If set to
1026.Ar YES
1027then the system will accept source routed packets directed at it.
1028.It Ar rarpd_enable
1029(bool) If set to
1030.Ar YES
1031then run the
1032.Xr rarpd 8
1033daemon at system boot time.
1034.It Ar rarpd_flags
1035(str) If
1036.Ar rarpd_enable
1037is set to
1038.Ar YES ,
1039these are the flags to pass to the
1040.Xr rarpd 8
1041daemon.
1042.It Ar atm_enable
1043(bool) Set to
1044.Ar YES
1045to enable the configuration of ATM interfaces at system boot time.
1046For all of the ATM variables described below, please refer to the
1047.Xr atm 8
1048man page for further details on the available command parameters.
1049Also refer to the files in
1050.Pa /usr/share/examples/atm
1051for more detailed configuration information.
1052.It Ar atm_netif_<intf>
1053(str) For the ATM physical interface
1054.Va <intf> ,
1055this variable defines the name prefix and count for the ATM network interfaces to be created.
1056The value will be passed as the parameters of an
1057.Dq atm set netif Va <intf>
1058command.
1059.It Ar atm_sigmgr_<intf>
1060(str) For the ATM physical interface
1061.Va <intf> ,
1062this variable defines the ATM signalling manager to be used.
1063The value will be passed as the parameters of an
1064.Dq atm attach Va <intf>
1065command.
1066.It Ar atm_prefix_<intf>
1067(str) For the ATM physical interface
1068.Va <intf> ,
1069this variable defines the NSAP prefix for interfaces using a UNI signalling
1070manager. If set to
1071.Em ILMI ,
1072then the prefix will automatically be set via the
1073.Xr ilmid 8
1074daemon. Otherwise, the value will be passed as the parameters of an
1075.Dq atm set prefix Va <intf>
1076command.
1077.It Ar atm_macaddr_<intf>
1078(str) For the ATM physical interface
1079.Va <intf> ,
1080this variable defines the MAC address for interfaces using a UNI signalling
1081manager. If set to
1082.Em NO ,
1083then the hardware MAC address contained in the ATM interface card will be used.
1084Otherwise, the value will be passed as the parameters of an
1085.Dq atm set mac Va <intf>
1086command.
1087.It Ar atm_arpserver_<netif>
1088(str) For the ATM network interface
1089.Va <netif> ,
1090this variable defines the ATM address for a host which is to provide ATMARP
1091service. This variable is only applicable to interfaces using a UNI signalling
1092manager. If set to
1093.Em local ,
1094then this host will become an ATMARP server.
1095The value will be passed as the parameters of an
1096.Dq atm set arpserver Va <netif>
1097command.
1098.It Ar atm_scsparp_<netif>
1099(bool) If set to
1100.Em YES ,
1101then SCSP/ATMARP service for the network interface
1102.Va <netif>
1103will be initiated using the
1104.Xr scspd 8
1105and
1106.Xr atmarpd 8
1107daemons. This variable is only applicable if
1108.So
1109.No atm_arpserver_ Ns Va <netif>
1110.No Ns = Ns Qq local
1111.Sc
1112is defined.
1113.It Ar atm_pvcs
1114(str) Set to the list of ATM PVCs you would like to add at system
1115boot time. For each whitespace separated
1116.Em element
1117in the value, an
1118.No atm_pvc_ Ns Em element
1119variable is assumed to exist. The value of each of these variables
1120will be passed as the parameters of an
1121.Dq atm add pvc
1122command.
1123.It Ar atm_arps
1124(str) Set to the list of permanent ATM ARP entries you would like to add
1125at system boot time. For each whitespace separated
1126.Em element
1127in the value, an
1128.No atm_arp_ Ns Em element
1129variable is assumed to exist. The value of each of these variables
1130will be passed as the parameters of an
1131.Dq atm add arp
1132command.
1133.It Ar keymap
1134(str) If set to
1135.Ar NO
1136then no keymap is installed, otherwise the value is used to install
1137the keymap file in
1138.Pa /usr/share/syscons/keymaps/<value>.kbd
1139.It Ar keyrate
1140(str) The keyboard repeat speed. Set to
1141.Ar slow ,
1142.Ar normal ,
1143.Ar fast
1144or
1145.Ar NO
1146if the default behavior is desired.
1147.It Ar keychange
1148(str) If not set to
1149.Ar NO ,
1150attempt to program the function keys with the value. The value should
1151be a single string of the form:
1152.Qq Ar "<funkey_number> <new_value> [<funkey_number> <new_value>]..."
1153.It Ar cursor
1154(str) Can be set to the value of
1155.Ar normal ,
1156.Ar blink ,
1157.Ar destructive
1158or
1159.Ar NO
1160to set the cursor behavior explicitly or choose the default behavior.
1161.It Ar scrnmap
1162(str) If set to
1163.Ar NO
1164then no screen map is installed, otherwise the value is used to install
1165the screen map file in
1166.Pa /usr/share/syscons/scrnmaps/<value> .
1167.It Ar font8x16
1168(str) If set to
1169.Ar NO
1170then the default 8x16 font value is used for screen size requests, otherwise
1171the value in
1172.Pa /usr/share/syscons/fonts/<value>
1173is used.
1174.It Ar font8x14
1175(str) If set to
1176.Ar NO
1177then the default 8x14 font value is used for screen size requests, otherwise
1178the value in
1179.Pa /usr/share/syscons/fonts/<value>
1180is used.
1181.It Ar font8x8
1182(str) If set to
1183.Ar NO
1184then the default 8x8 font value is used for screen size requests, otherwise
1185the value in
1186.Pa /usr/share/syscons/fonts/<value>
1187is used.
1188.It Ar blanktime
1189(int) If set to
1190.Ar NO
1191then the default screen blanking interval is used, otherwise it is set
1192to
1193.Ar value
1194seconds.
1195.It Ar saver
1196(str) If not set to
1197.Ar NO ,
1198this is the actual screen saver to use (blank, snake, daemon, etc).
1199.It Ar moused_enable
1200(str) If set to
1201.Ar YES ,
1202the
1203.Xr moused 8
1204daemon is started for doing cut/paste selection on the console.
1205.It Ar moused_type
1206(str) This is the protocol type of mouse you would like to use.
1207This variable must be set if
1208.Ar moused_enable
1209is set to
1210.Ar YES .
1211The
1212.Xr moused 8
1213daemon
1214is able to detect the appropriate mouse type automatically in many cases.
1215You can set this variable to
1216.Ar auto
1217to let the daemon detect it, or
1218select one from the following list if the automatic detection fails.
1219.Pp
1220If your mouse is attached to the PS/2 mouse port, you should
1221always choose
1222.Ar auto
1223or
1224.Ar ps/2 ,
1225regardless of the brand and model of the mouse. Likewise, if your
1226mouse is attached to the bus mouse port, choose
1227.Ar auto
1228or
1229.Ar busmouse .
1230All other protocols are for serial mice and will not work with
1231the PS/2 and bus mice.
1232If you have a USB mouse,
1233.Ar auto
1234is the only protocol type which works with the USB mouse.
1235.Bd -literal
1236microsoft Microsoft mouse (serial)
1237intellimouse Microsoft IntelliMouse (serial)
1238mousesystems Mouse systems Corp mouse (serial)
1239mmseries MM Series mouse (serial)
1240logitech Logitech mouse (serial)
1241busmouse A bus mouse
1242mouseman Logitech MouseMan and TrackMan (serial)
1243glidepoint ALPS GlidePoint (serial)
1244thinkingmouse Kensignton ThinkingMouse (serial)
1245ps/2 PS/2 mouse
1246mmhittab MM HitTablet (serial)
1247x10mouseremote X10 MouseRemote (serial)
1248versapad Interlink VersaPad (serial)
1249
1250.Ed
1251Even if your mouse is not in the above list, it may be compatible
1252with one in the list.
1253Refer to the man page for
1254.Xr moused 8
1255for compatibility information.
1256.Pp
1257It should also be noted that while this is enabled, any
1258other client of the mouse (such as an X server) should access
1259the mouse through the virtual mouse device:
1260.Pa /dev/sysmouse
1261and configure it as a sysmouse type mouse, since all
1262mouse data is converted to this single canonical format when
1263using
1264.Xr moused 8 .
1265If the client program does not support the sysmouse type,
1266specify the mousesystems type.
1267It is the second prefered type.
1268.It Ar moused_port
1269(str) If
1270.Ar moused_enable
1271is set to
1272.Ar YES ,
1273this is the actual port the mouse is on.
1274It might be
1275.Pa /dev/cuaa0
1276for a COM1 serial mouse,
1277.Pa /dev/psm0
1278for a PS/2 mouse or
1279.Pa /dev/mse0
1280for a bus mouse, for example.
1281.It Ar moused_flags
1282(str) If
1283.Ar moused_type
1284is set, these are the additional flags to pass to the
1285.Xr moused 8
1286daemon.
1287.It Ar allscreens_flags
1288(str) If set,
1289.Xr vidcontrol 1
1290is run with these options for each of the virtual terminals
1291.Pq Pa /dev/ttyv* .
1292For example,
1293.Ar -m on
1294will enable the mouse pointer on all virtual terminals
1295if
1296.Ar moused_enable
1297is set to
1298.Ar YES .
1299.It Ar cron_enable
1300(bool) If set to
1301.Ar YES
1302then run the
1303.Xr cron 8
1304daemon at system boot time.
1305.It Ar lpd_program
1306(str) path to
1307.Xr lpd 8
1308(default
1309.Pa /usr/sbin/lpd ) .
1310.It Ar lpd_enable
1311(bool) If set to
1312.Ar YES
1313then run the
1314.Xr lpd 8
1315daemon at system boot time.
1316.It Ar lpd_flags
1317(str) If
1318.Ar lpd_enable
1319is set to
1320.Ar YES ,
1321these are the flags to pass to the
1322.Xr lpd 8
1323daemon.
1324.It Ar sendmail_enable
1325(bool) If set to
1326.Ar YES
1327then run the
1328.Xr sendmail 8
1329daemon at system boot time.
1330.It Ar sendmail_flags
1331(str) If
1332.Ar sendmail_enable
1333is set to
1334.Ar YES ,
1335these are the flags to pass to the
1336.Xr sendmail 8
1337daemon.
1338.It Ar dumpdev
1339(str) If not set to
1340.Ar NO
1341then point kernel crash-dumps at the swap device
1342specified as
1343.Em value .
1344When the system restarts,
1345a crash-dump found on the specified device
1346will typically be stored in the
1347.Pa /var/crash
1348directory by the
1349.Xr savecore 8
1350program.
1351.It Ar check_quotas
1352(bool) Set to
1353.Ar YES
1354if you want to enable user disk quota checking via the
1355.Xr quotacheck 8
1356command.
1357.It Ar accounting_enable
1358(bool) Set to
1359.Ar YES
1360if you wish to enable system accounting through the
1361.Xr accton 8
1362facility.
1363.It Ar ibcs2_enable
1364(bool) Set to
1365.Ar YES
1366if you wish to enable iBCS2 (SCO) binary emulation at system initial boot
1367time.
1368.It Ar ibcs2_loaders
1369(str) If not set to
1370.Ar NO
1371and if
1372.Ar ibcs2_enable
1373is set to
1374.Ar YES ,
1375this specifies a list of additional iBCS2 loaders to enable.
1376.It Ar linux_enable
1377(bool) Set to
1378.Ar YES
1379if you wish to enable Linux/ELF binary emulation at system initial
1380boot time.
1381.It Ar osf1_enable
1382(bool) Set to
1383.Ar YES
1384if you wish to enable OSF/1 (Digital UNIX) binary emulation at system
1385initial boot time. (alpha)
1386.It Ar clear_tmp_enable
1387(bool) Set to
1388.Ar YES
1389if you want
1390.Pa /tmp
1391to be cleaned at startup.
1392.It Ar ldconfig_paths
1393(str) Set to the list of shared library paths to use with
1394.Xr ldconfig 8 .
1395NOTE:
1396.Pa /usr/lib
1397will always be added first, so it need not appear in this list.
1398.It Ar ldconfig_insecure
1399(bool) The
1400.Xr ldconfig 8
1401utility normally refuses to use directories
1402which are writable by anyone except root.
1403Set this variable to
1404.Ar YES
1405if you want to disable that security check during system startup.
1406.It Ar kern_securelevel_enable
1407(bool) Set to
1408.Ar YES
1409if you wish to set the kernel security level at system startup.
1410.It Ar kern_securelevel
1411(int) The kernel security level to set at startup.
1412The allowed range of
1413.Ar value
1414ranges from -1 (the compile time default) to 3 (the
1415most secure). See
1416.Xr init 8
1417for the list of possible security levels and their effect
1418on system operation.
1419.It Ar start_vinum
1420(bool) Set to
1421.Ar YES
1422if you want to start
1423.Xr vinum 8
1424at system boot time.
1425.It Ar sshd_program
1426(str) Path to the SSH server program
1427.Po
1428.Pa /usr/sbin/sshd
1429is the default
1430.Pc .
1431.It Ar sshd_enable
1432(bool) Set to
1433.Ar YES
1434if you want to start
1435.Xr sshd 8
1436at system boot time.
1437.It Ar sshd_flags
1438(str) If
1439.Ar sshd_enable
1440is set to
1441.Ar YES ,
1442these are the flags to pass to the
1443.Xr sshd 8
1444daemon.
1445.It Ar unaligned_print
1446(bool) If set to
1447.Ar NO
1448then unaligned access warnings will not be printed. (alpha)
|
1449.Sh FILES
1450.Bl -tag -width /etc/defaults/rc.conf -compact
1451.It Pa /etc/defaults/rc.conf
1452.It Pa /etc/rc.conf
1453.It Pa /etc/rc.conf.local
1454.El
1455.Sh SEE ALSO
1456.Xr catman 1 ,
1457.Xr makewhatis 1 ,
1458.Xr gdb 1 ,
1459.Xr info 1 ,
1460.Xr exports 5 ,
1461.Xr motd 5 ,
1462.Xr accton 8 ,
1463.Xr amd 8 ,
1464.Xr apm 8 ,
1465.Xr atm 8 ,
1466.Xr cron 8 ,
1467.Xr dhclient 8 ,
1468.Xr gated 8 ,
1469.Xr ifconfig 8 ,
1470.Xr inetd 8 ,
1471.Xr lpd 8 ,
1472.Xr moused 8 ,
1473.Xr mrouted 8 ,
1474.Xr named 8 ,
1475.Xr nfsd 8 ,
1476.Xr nfsiod 8 ,
1477.Xr ntpdate 8 ,
1478.Xr pcnfsd 8 ,
1479.Xr portmap 8 ,
1480.Xr quotacheck 8 ,
1481.Xr rc 8 ,
1482.Xr route 8 ,
1483.Xr routed 8 ,
1484.Xr rpc.lockd 8 ,
1485.Xr rpc.statd 8 ,
1486.Xr rwhod 8 ,
1487.Xr savecore 8 ,
1488.Xr sendmail 8 ,
1489.Xr sshd 8 ,
1490.Xr sysctl 8 ,
1491.Xr syslogd 8 ,
1492.Xr swapon 8 ,
1493.Xr tickadj 8 ,
1494.Xr timed 8 ,
1495.Xr vinum 8 ,
1496.Xr vnconfig 8 ,
1497.Xr xntpd 8 ,
1498.Xr xtend 8 ,
1499.Xr ypbind 8 ,
1500.Xr ypserv 8 ,
1501.Xr ypset 8
1502.Sh HISTORY
1503The
1504.Nm
1505file appeared in
1506.Fx 2.2.2 .
1507.Sh AUTHORS
1508.An Jordan K. Hubbard .
| 1450.Sh FILES
1451.Bl -tag -width /etc/defaults/rc.conf -compact
1452.It Pa /etc/defaults/rc.conf
1453.It Pa /etc/rc.conf
1454.It Pa /etc/rc.conf.local
1455.El
1456.Sh SEE ALSO
1457.Xr catman 1 ,
1458.Xr makewhatis 1 ,
1459.Xr gdb 1 ,
1460.Xr info 1 ,
1461.Xr exports 5 ,
1462.Xr motd 5 ,
1463.Xr accton 8 ,
1464.Xr amd 8 ,
1465.Xr apm 8 ,
1466.Xr atm 8 ,
1467.Xr cron 8 ,
1468.Xr dhclient 8 ,
1469.Xr gated 8 ,
1470.Xr ifconfig 8 ,
1471.Xr inetd 8 ,
1472.Xr lpd 8 ,
1473.Xr moused 8 ,
1474.Xr mrouted 8 ,
1475.Xr named 8 ,
1476.Xr nfsd 8 ,
1477.Xr nfsiod 8 ,
1478.Xr ntpdate 8 ,
1479.Xr pcnfsd 8 ,
1480.Xr portmap 8 ,
1481.Xr quotacheck 8 ,
1482.Xr rc 8 ,
1483.Xr route 8 ,
1484.Xr routed 8 ,
1485.Xr rpc.lockd 8 ,
1486.Xr rpc.statd 8 ,
1487.Xr rwhod 8 ,
1488.Xr savecore 8 ,
1489.Xr sendmail 8 ,
1490.Xr sshd 8 ,
1491.Xr sysctl 8 ,
1492.Xr syslogd 8 ,
1493.Xr swapon 8 ,
1494.Xr tickadj 8 ,
1495.Xr timed 8 ,
1496.Xr vinum 8 ,
1497.Xr vnconfig 8 ,
1498.Xr xntpd 8 ,
1499.Xr xtend 8 ,
1500.Xr ypbind 8 ,
1501.Xr ypserv 8 ,
1502.Xr ypset 8
1503.Sh HISTORY
1504The
1505.Nm
1506file appeared in
1507.Fx 2.2.2 .
1508.Sh AUTHORS
1509.An Jordan K. Hubbard .
|