4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .Nd system configuration information
36 contains descriptive information about the local host name, configuration
37 details for any potential network interfaces and which services should be
38 started up at system initial boot time.
39 In new installations, the
41 file is generally initialized by the system installation utility.
45 is not to run commands or perform system startup actions
47 Instead, it is included by the
48 various generic startup scripts in
50 which conditionalize their
51 internal actions according to the settings found there.
55 file is included from the file
56 .Pa /etc/defaults/rc.conf ,
57 which specifies the default settings for all the available options.
58 Options need only be specified in
60 when the system administrator wishes to override these defaults.
62 .Pa /etc/rc.conf.local
63 is used to override settings in
65 for historical reasons.
67 .Pa /etc/rc.conf.local
68 you can also place smaller configuration files for each
72 directory, which will be included by the
75 For jail configurations you could use the file
76 .Pa /etc/rc.conf.d/jail
77 to store jail specific configuration options.
83 .Dq Ar name Ns Li = Ns Ar value
87 The following list provides a name and short description for each
88 variable that can be set in the
91 .Bl -tag -width indent-two
96 enable output of debug messages from rc scripts.
97 This variable can be helpful in diagnosing mistakes when
98 editing or integrating new scripts.
99 Beware that this produces copious output to the terminal and
105 disable informational messages from the rc scripts.
106 Informational messages are displayed when
107 a condition that is not serious enough to warrant a warning or
115 when faststart is used (e.g., at boot time).
116 .It Va early_late_divider
118 The name of the script that should be used as the
119 delimiter between the
123 stages of the boot process.
124 The early stage should contain all the services needed to
125 get the disks (local or remote) mounted so that the late
126 stage can include scripts contained in the directories
129 variable (see below).
130 Thus, the two likely candidates for this value are
132 for the typical system, and
134 if the system needs remote file
135 systems mounted to get access to the
137 directories; for example when
145 is likely to be an appropriate value.
146 Extreme care should be taken when changing this value,
147 and before changing it one should ensure that there are
148 adequate provisions to recover from a failed boot
149 (such as physical contact with the machine,
150 or reliable remote console access).
151 .It Va always_force_depends
155 scripts use the force_depend function to check whether required
156 services are already running, and to start them if necessary.
157 By default during boot time this check is bypassed if the
158 required service is enabled in
159 .Pa /etc/rc.conf[.local] .
160 Setting this option will bypass that check at boot time and
161 always test whether or not the service is actually running.
162 Enabling this option is likely to increase your boot time if
163 services are enabled that utilize the force_depend check.
168 no swapfile is installed, otherwise the value is used as the full
169 pathname to a file to use for additional swap space.
170 .It Ao Ar name Ac Ns Va _chroot
173 to this directory before running the service.
174 .It Ao Ar name Ac Ns Va _user
176 Run the service under this user account.
177 .It Ao Ar name Ac Ns Va _group
179 Run the chrooted service under this system group. Unlike the _user
180 setting, this setting has no effect if the service is not chrooted.
181 .It Ao Ar name Ac Ns Va _fib
185 value to run the service under.
186 .It Ao Ar name Ac Ns Va _nice
190 value to run the service under.
195 enable support for Automatic Power Management with
203 to handle APM event from userland.
204 This also enables support for APM.
211 these are the flags to pass to the
218 to handle device added, removed or unknown events from the kernel.
225 scripts at boot time.
228 Configuration file for
234 A list of kernel modules to load right after the local
236 Loading modules at this point in the boot process is
237 much faster than doing it via
238 .Pa /boot/loader.conf
239 for those modules not necessary for mounting local disk.
240 .It Va kldxref_enable
247 to automatically rebuild
252 .It Va kldxref_clobber
262 will overwrite existing
269 .It Va kldxref_module_path
274 delimited list of paths containing
286 enable the system power control facility with the
295 these are the flags to pass to the
299 Controls the creation of a
302 Always happens if set to
304 and never happens if set to
306 If set to anything else, a memory file system is created if
310 Controls the size of a created
314 Extra options passed to the
316 utility when the memory file system for
321 which inhibits the use of softupdates on
323 so that file system space is freed without delay
324 after file truncation or deletion.
327 for other options you can use in
330 Controls the creation of a
333 Always happens if set to
335 and never happens if set to
337 If set to anything else, a memory file system is created if
341 Controls the size of a created
345 Extra options passed to the
347 utility when the memory file system for
352 which inhibits the use of softupdates on
354 so that file system space is freed without delay
355 after file truncation or deletion.
358 for other options you can use in
361 Controls the automatic population of the
364 Always happens if set to
366 and never happens if set to
368 If set to anything else, a memory file system is created if
371 Note that this process requires access to certain commands in
375 is mounted on normal systems.
376 .It Va cleanvar_enable
383 List of directories to search for startup script files.
384 .It Va script_name_sep
386 The field separator to use for breaking down the list of startup script files
387 into individual filenames.
388 The default is a space.
389 It is not necessary to change this unless there are startup scripts with names
391 .It Va hostapd_enable
400 The fully qualified domain name (FQDN) of this host on the network.
401 This should almost certainly be set to something meaningful, even if
402 there is no network connection.
405 is used to set the hostname via DHCP,
406 this variable should be set to an empty string.
407 If this value remains unset when the system is done booting
408 your console login will display the default hostname of
412 The NIS domain name of this host, or
415 .It Va dhclient_program
417 Path to the DHCP client program
418 .Pa ( /sbin/dhclient ,
423 .It Va dhclient_flags
425 Additional flags to pass to the DHCP client program.
430 manpage for a description of the command line options available.
431 .It Va dhclient_flags_ Ns Aq Ar iface
432 Additional flags to pass to the DHCP client program running on
435 When specified, this variable overrides
437 .It Va background_dhclient
441 to start the DHCP client in background.
442 This can cause trouble with applications depending on
443 a working network, but it will provide a faster startup
445 .It Va background_dhclient_ Ns Aq Ar iface
446 When specified, this variable overrides the
447 .Va background_dhclient
448 variable for interface
451 .It Va synchronous_dhclient
457 synchronously at startup.
458 This behavior can be overridden on a per-interface basis by replacing
462 .Va ifconfig_ Ns Aq Ar interface
467 .It Va defaultroute_delay
469 When set to a positive value, wait up to this long after configuring
470 DHCP interfaces at startup to give the interfaces time to receive a lease.
471 .It Va firewall_enable
475 to load firewall rules at startup.
476 If the kernel was not built with
477 .Cd "options IPFIREWALL" ,
480 kernel module will be loaded.
482 .Va ipfilter_enable .
483 .It Va firewall_script
485 This variable specifies the full path to the firewall script to run.
487 .Pa /etc/rc.firewall .
490 Names the firewall type from the selection in
491 .Pa /etc/rc.firewall ,
492 or the file which contains the local firewall ruleset.
493 Valid selections from
497 .Bl -tag -width ".Li simple" -compact
499 unrestricted IP access
501 all IP services disabled, except via
504 basic protection for a workstation
506 basic protection for a LAN.
509 If a filename is specified, the full path
511 .It Va firewall_quiet
515 to disable the display of firewall rules on the console during boot.
516 .It Va firewall_logging
520 to enable firewall event logging.
521 This is equivalent to the
522 .Dv IPFIREWALL_VERBOSE
524 .It Va firewall_logif
528 to create pseudo interface
531 For more details, see
534 .It Va firewall_flags
540 specifies a filename.
541 .It Va firewall_coscripts
543 List of executables and/or rc scripts to run after firewall starts/stops.
545 .\" ----- firewall_nat_enable setting --------------------------------
546 .It Va firewall_nat_enable
558 .It Va firewall_nat_interface
564 This is the name of the public interface or IP address on which
565 kernel NAT should run.
566 .It Va firewall_nat_flags
568 Additional configuration parameters for kernel NAT should be placed here.
569 .It Va dummynet_enable
573 will automatically load the
579 .\" -------------------------------------------------------------------
595 sockets must be enabled in the kernel.
596 If the kernel was not built with
597 .Cd "options IPDIVERT" ,
600 kernel module will be loaded.
601 .It Va natd_interface
603 This is the name of the public interface on which
606 The interface may be given as an interface name or as an IP address.
611 flags should be placed here.
616 flag is automatically added with the above
619 .\" ----- ipfilter_enable setting --------------------------------
620 .It Va ipfilter_enable
631 Typical usage will require putting
633 ipfilter_enable="YES"
651 can be enabled independently.
655 both require at least one of
665 options IPFILTER_DEFAULT_BLOCK
668 in the kernel configuration file is a good idea, too.
669 .\" ----- ipfilter_program setting ------------------------------
670 .It Va ipfilter_program
676 .\" ----- ipfilter_rules setting --------------------------------
677 .It Va ipfilter_rules
682 This variable contains the name of the filter rule definition file.
683 The file is expected to be readable for the
686 .\" ----- ipv6_ipfilter_rules setting ---------------------------
687 .It Va ipv6_ipfilter_rules
692 This variable contains the IPv6 filter rule definition file.
693 The file is expected to be readable for the
696 .\" ----- ipfilter_flags setting --------------------------------
697 .It Va ipfilter_flags
700 This variable contains flags passed to the
703 .\" ----- ipnat_enable setting ----------------------------------
713 network address translation.
716 for a detailed discussion.
717 .\" ----- ipnat_program setting ---------------------------------
724 .\" ----- ipnat_rules setting -----------------------------------
730 This variable contains the name of the file
731 holding the network address translation definition.
732 This file is expected to be readable for the
735 .\" ----- ipnat_flags setting -----------------------------------
739 This variable contains flags passed to the
742 .\" ----- ipmon_enable setting ----------------------------------
757 Setting this variable needs setting
764 for a detailed discussion.
765 .\" ----- ipmon_program setting ---------------------------------
772 .\" ----- ipmon_flags setting -----------------------------------
778 This variable contains flags passed to the
781 Another typical example would be
782 .Dq Fl D Pa /var/log/ipflog
785 log directly to a file bypassing
788 .Pa /etc/newsyslog.conf
789 in such case like this:
791 /var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
793 .\" ----- ipfs_enable setting -----------------------------------
803 saving the filter and NAT state tables during shutdown
804 and reloading them during startup again.
805 Setting this variable needs setting
814 for a detailed discussion.
820 because the raised securelevel will prevent
822 from saving the state tables at shutdown time.
823 .\" ----- ipfs_program setting ----------------------------------
830 .\" ----- ipfs_flags setting ------------------------------------
834 This variable contains flags passed to the
837 .\" ----- end of added ipf hook ---------------------------------
849 Typical usage will require putting
864 into the kernel, otherwise the
865 kernel module will be loaded.
870 ruleset configuration file
885 these flags are passed to the
887 program when loading the ruleset.
897 which logs packets from the
910 .Pa /var/log/pflog ) .
912 .Pa /etc/newsyslog.conf
913 to adjust logfile rotation for this.
923 This variable contains additional flags passed to the
926 .It Va ftpproxy_enable
937 packet filter in translating ftp connections.
938 .It Va ftpproxy_flags
941 This variable contains additional flags passed to the
953 state changes to other hosts over the network by means of
958 must also be set then.
959 .It Va pfsync_syncdev
962 This variable specifies the name of the network interface
964 should operate through.
965 It must be set accordingly if
969 .It Va pfsync_syncpeer
972 This variable is optional.
973 By default, state change messages are sent out on the synchronisation
974 interface using IP multicast packets.
975 The protocol is IP protocol 240, PFSYNC, and the multicast group used is
977 When a peer address is specified using the
979 option, the peer address is used as a destination for the pfsync
980 traffic, and the traffic can then be protected using
984 manpage for more details about using
989 .It Va pfsync_ifconfig
992 This variable can contain additional options to be passed to the
994 command used to set up
996 .It Va tcp_extensions
1003 disables certain TCP options as described by
1009 might help remedy such problems with connections as randomly hanging
1010 or other weird behavior.
1011 Some network devices are known
1012 to be broken with respect to these options.
1015 Set to 0 by default.
1019 .Va net.inet.tcp.log_in_vain
1021 .Va net.inet.udp.log_in_vain ,
1026 are set to the given value.
1027 .It Va tcp_keepalive
1034 will disable probing idle TCP connections to verify that the
1035 peer is still up and reachable.
1036 .It Va tcp_drop_synfin
1043 will cause the kernel to ignore TCP frames that have both
1044 the SYN and FIN flags set.
1045 This prevents OS fingerprinting, but may
1046 break some legitimate applications.
1047 .It Va icmp_drop_redirect
1054 will cause the kernel to ignore ICMP REDIRECT packets.
1057 for more information.
1058 .It Va icmp_log_redirect
1065 will cause the kernel to log ICMP REDIRECT packets.
1067 the log messages are not rate-limited, so this option should only be used
1068 for troubleshooting networks.
1071 for more information.
1072 .It Va icmp_bmcastecho
1076 to respond to broadcast or multicast ICMP ping packets.
1079 for more information.
1080 .It Va ip_portrange_first
1084 this is the first port in the default portrange.
1087 for more information.
1088 .It Va ip_portrange_last
1092 this is the last port in the default portrange.
1095 for more information.
1096 .It Va network_interfaces
1098 Set to the list of network interfaces to configure on this host or
1100 (the default) for all current interfaces.
1102 .Va network_interfaces
1103 variable to anything other than the default is deprecated.
1104 Interfaces that the administrator wishes to store configuration for,
1105 but not start at boot should be configured with the
1108 .Va ifconfig_ Ns Aq Ar interface
1109 variables as described below.
1112 .Va ifconfig_ Ns Aq Ar interface
1113 variable is also assumed to exist for each value of
1115 When an interface name contains any of the characters
1117 they are translated to
1120 The variable can contain arguments to
1122 as well as special case-insensitive keywords described below.
1123 Such keywords are removed before passing the value to
1125 while the order of the other arguments is preserved.
1127 One can configure more than one IPv4 address with the
1128 .Va ipv4_addrs_ Ns Aq Ar interface
1130 One or more IP addresses must be provided in Classless Inter-Domain
1131 Routing (CIDR) address notation, whose last byte can be a range like
1133 In this case the address 192.0.2.5 will be configured with the
1134 netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with
1135 the non-conflicting netmask /32 as explained in the
1138 With the interface in question being
1140 an example could look like:
1142 ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28"
1145 It is also possible to add IP alias entries using
1150 Assuming that the interface in question was
1153 something like this:
1155 ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
1156 ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
1161 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1164 keyword that is found,
1165 its contents are passed to
1167 Execution stops at the first unsuccessful access, so if
1168 something like this is present:
1170 ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
1171 ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
1172 ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
1173 ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
1176 Then note that alias4 would
1178 be added since the search would
1179 stop with the missing
1182 Due to this difficult to manage behavior, the
1183 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1187 .Pa /etc/start_if. Ns Aq Ar interface
1188 file is present, it is read and executed by the
1191 before configuring the interface as specified in the
1192 .Va ifconfig_ Ns Aq Ar interface
1194 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1198 .Va vlans_ Ns Aq Ar interface
1202 interface will be created for each item in the list with the
1206 If a vlan interface's name is a number,
1207 then that number is used as the vlan tag and the new vlan interface is
1209 .Ar interface . Ns Ar tag .
1211 the vlan tag must be specified via a
1214 .Va create_args_ Ns Aq Ar interface
1217 To create a vlan device named
1221 with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24:
1224 ifconfig_em0_101="inet 192.0.2.1/24"
1227 To create a vlan device named
1231 with the vlan tag 102:
1234 create_args_myvlan="vlan 102"
1238 .Va wlans_ Ns Aq Ar interface
1242 interface will be created for each item in the list with the
1246 Further wlan cloning arguments may be passed to the
1249 command by setting the
1250 .Va create_args_ Ns Aq Ar interface
1254 devices must be created for each wireless devices as of
1260 may be specified with an
1261 .Va wlandebug_ Ns Aq Ar interface
1263 The contents of this variable will be passed directly to
1267 .Va ifconfig_ Ns Aq Ar interface
1268 contains the keyword
1270 then the interface will not be configured
1272 .Pa /etc/pccard_ether
1274 .Va network_interfaces
1278 It is possible to bring up an interface with DHCP by adding
1281 .Va ifconfig_ Ns Aq Ar interface
1283 For instance, to initialize the
1286 it is possible to use something like:
1291 Also, if you want to configure your wireless interface with
1292 .Xr wpa_supplicant 8
1293 for use with WPA, EAP/LEAP or WEP, you need to add
1296 .Va ifconfig_ Ns Aq Ar interface
1299 Finally, you can add
1301 options in this variable, in addition to the
1302 .Pa /etc/start_if. Ns Aq Ar interface
1304 For instance, to configure an
1306 wireless device in station mode with an address obtained
1307 via DHCP, using WPA authentication and 802.11b mode, it is
1308 possible to use something like:
1311 ifconfig_wlan0="DHCP WPA mode 11b"
1315 .Va ifconfig_ Ns Aq Ar interface
1316 form, a fallback variable
1317 .Va ifconfig_DEFAULT
1319 It will be used for all interfaces with no
1320 .Va ifconfig_ Ns Aq Ar interface
1322 This is intended to replace the no longer supported
1326 It is also possible to rename an interface by doing:
1328 ifconfig_ed0_name="net0"
1329 ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00"
1333 This variable is deprecated.
1335 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1337 .Va ipv6_activate_all_interfaces
1342 .Dq Li inet6 accept_rtadv
1344 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1346 .Va ipv6_activate_all_interfaces
1351 This variable is deprecated.
1353 .Va ip6addrctl_policy
1358 the default address selection policy table set by
1360 will be IPv6-preferred.
1364 the default address selection policy table set by
1366 will be IPv4-preferred.
1367 .It Va ipv6_activate_all_interfaces
1369 This controls initial configuration on IPv6-capable
1370 interfaces with no corresponding
1371 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1373 Note that it is not always necessary to set this variable to
1375 to use IPv6 functionality on
1377 In most cases, just configuring
1378 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1383 all interfaces which do not have a corresponding
1384 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1385 variable will be marked as
1388 This means that all of IPv6 functionality on that interface
1389 is completely disabled to enforce a security policy.
1390 If the variable is set to
1392 the flag will be cleared on all of the interfaces.
1394 In most cases, just defining an
1395 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1396 for an IPv6-capable interface should be sufficient.
1397 However, if an interface is added dynamically
1398 .Pq by some tunneling protocols such as PPP, for example ,
1399 it is often difficult to define the variable in advance.
1400 In such a case, configuring the
1402 flag can be disabled by setting this variable to
1405 For more details of the
1408 .Dq Li inet6 ifdisabled ,
1418 privacy addresses will be generated for each IPv6
1419 interface as described in RFC 4941.
1420 .It Va ipv6_network_interfaces
1422 This is the IPv6 equivalent of
1423 .Va network_interfaces .
1424 Normally manual configuration of this variable is not needed.
1426 .It Va ipv6_cpe_wanif
1428 If the variable is set to an interface name,
1432 .Dq inet6 -no_radr accept_rtadv
1433 will be added to the specified interface automatically before evaluating
1434 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 ,
1438 .Va net.inet6.ip6.rfc6204w3
1440 .Va net.inet6.ip6.no_radr
1443 This means the specified interface will accept ICMPv6 Router
1444 Advertisement messages on that link and add the discovered
1445 routers into the Default Router List.
1446 While the other interfaces can still accept RA messages if the
1447 .Dq inet6 accept_rtadv
1448 option is specified, adding
1449 routes into the Default Router List will be disabled by
1456 Note that ICMPv6 Router Advertisement messages will be
1458 .Va net.inet6.ip6.forwarding
1460 .Pq packet forwarding is enabled
1462 .Va net.inet6.ip6.rfc6204w3
1467 .It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1469 IPv6 functionality on an interface should be configured by
1470 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 ,
1471 instead of setting ifconfig parameters in
1472 .Va ifconfig_ Ns Aq Ar interface .
1473 If this variable is empty, all of IPv6 configurations on the
1474 specified interface by other variables such as
1475 .Va ipv6_prefix_ Ns Ao Ar interface Ac
1478 Aliases should be set by
1479 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
1485 ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64"
1486 ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64"
1489 Interfaces that have an
1490 .Dq Li inet6 accept_rtadv
1492 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1493 setting will be automatically configured by SLAAC
1494 .Pq StateLess Address AutoConfiguration
1500 Note that a link-local address will be automatically configured in
1501 addition to the configured global-scope addresses because the IPv6
1502 specifications require it on each link.
1503 The address is calculated from the MAC address by using an algorithm
1510 If only a link-local address is needed on the interface,
1511 the following configuration can be used:
1513 ifconfig_ed0_ipv6="inet6 auto_linklocal"
1516 A link-local address can also be configured manually.
1517 This is useful for the default router address of an IPv6 router
1518 so that it does not change when the network interface
1522 ifconfig_ed0_ipv6="inet6 fe80::1 prefixlen 64"
1524 .It Va ipv6_prefix_ Ns Aq Ar interface
1526 If one or more prefixes are defined in
1527 .Va ipv6_prefix_ Ns Aq Ar interface
1528 addresses based on each prefix and the EUI-64 interface index will be
1529 configured on that interface.
1530 Note that this variable will be ignored when
1531 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
1534 For example, the following configuration
1536 ipv6_prefix_ed0="2001:db8:1:0 2001:db8:2:0"
1539 is equivalent to the following:
1541 ifconfig_ed0_alias0="inet6 2001:db8:1:: eui64 prefixlen 64"
1542 ifconfig_ed0_alias1="inet6 2001:db8:1:: prefixlen 64 anycast"
1543 ifconfig_ed0_alias2="inet6 2001:db8:2:: eui64 prefixlen 64"
1544 ifconfig_ed0_alias3="inet6 2001:db8:2:: prefixlen 64 anycast"
1547 These Subnet-Router anycast addresses will be added only when
1548 .Va ipv6_gateway_enable
1550 .It Va ipv6_default_interface
1554 this is the default output interface for scoped addresses.
1555 This works only with ipv6_gateway_enable="NO".
1556 .It Va ip6addrctl_enable
1558 This variable is to enable configuring default address selection policy table
1560 The table can be specified in another variable
1561 .Va ip6addrctl_policy .
1563 .Va ip6addrctl_policy
1564 the following keywords can be specified:
1565 .Dq Li ipv4_prefer ,
1566 .Dq Li ipv6_prefer ,
1576 installs a pre-defined policy table described in Section 2.1
1584 is specified, it attempts to read a file
1585 .Pa /etc/ip6addrctl.conf
1587 If this file is found,
1589 reads and installs it.
1590 If not found, a policy is automatically set
1592 .Va ipv6_activate_all_interfaces
1593 variable; if the variable is set to
1595 the IPv6-preferred one is used.
1596 Otherwise IPv4-preferred.
1598 The default value of
1599 .Va ip6addrctl_enable
1601 .Va ip6addrctl_policy
1607 .It Va cloned_interfaces
1609 Set to the list of clonable network interfaces to create on this host.
1610 Further cloning arguments may be passed to the
1613 command for each interface by setting the
1614 .Va create_args_ Ns Aq Ar interface
1617 .Va cloned_interfaces
1618 are automatically appended to
1619 .Va network_interfaces
1621 .It Va fec_interfaces
1625 Fast EtherChannel interfaces to configure on this host.
1627 .Va fecconfig_ Ns Aq Ar interface
1628 variable is assumed to exist for each value of
1630 The value of this variable is used to configure link aggregated interfaces
1631 according to the syntax of the
1632 .Cm NGM_FEC_ADD_IFACE
1636 Additionally, this option ensures that each listed interface is created
1641 before attempting to configure it.
1644 fec_interfaces="fec0"
1645 fecconfig_fec0="em0 em1"
1646 ifconfig_fec0="DHCP"
1648 .It Va gif_interfaces
1652 tunnel interfaces to configure on this host.
1654 .Va gifconfig_ Ns Aq Ar interface
1655 variable is assumed to exist for each value of
1657 The value of this variable is used to configure the link layer of the
1658 tunnel according to the syntax of the
1662 Additionally, this option ensures that each listed interface is created
1667 before attempting to configure it.
1668 .It Va sppp_interfaces
1672 interfaces to configure on this host.
1674 .Va spppconfig_ Ns Aq Ar interface
1675 variable is assumed to exist for each value of
1677 Each interface should also be configured by a general
1678 .Va ifconfig_ Ns Aq Ar interface
1682 for more information about available options.
1692 The name of the profile to use from
1693 .Pa /etc/ppp/ppp.conf .
1694 Also used for per-profile overrides of
1699 .Va ppp_ Ns Ao Ar profile Ac Ns _unit .
1700 When the profile name contains any of the characters
1702 they are translated to
1704 for the proposes of the override variable names.
1707 Mode in which to run the
1710 .It Va ppp_ Ns Ao Ar profile Ac Ns _mode
1712 Overrides the global
1722 See the manual for a full description.
1727 enables network address translation.
1728 Used in conjunction with
1730 allows hosts on private network addresses access to the Internet using
1731 this host as a network address translating router.
1732 .It Va ppp_ Ns Ao Ar profile Ac Ns _nat
1734 Overrides the global
1738 .It Va ppp_ Ns Ao Ar profile Ac Ns _unit
1740 Set the unit number to be used for this profile.
1741 See the manual description of
1746 The name of the user under which
1754 .It Va rc_conf_files
1756 This option is used to specify a list of files that will override
1758 .Pa /etc/defaults/rc.conf .
1759 The files will be read in the order in which they are specified and should
1760 include the full path to the file.
1761 By default, the files specified are
1764 .Pa /etc/rc.conf.local
1770 will attempt to automatically mount ZFS file systems and initialize ZFS volumes
1772 .It Va gptboot_enable
1776 .Pa /etc/rc.d/gptboot
1777 will log if the system successfully (or not) booted from a GPT partition,
1783 .It Va gbde_autoattach_all
1788 will attempt to automatically initialize your .bde devices in
1792 List the devices that the script should try to attach,
1797 The directory where the
1799 lockfiles are located.
1800 The default lockfile directory is
1803 The lockfile for each individual
1805 device can be overridden by setting the variable
1806 .Va gbde_lock_ Ns Aq Ar device ,
1809 is the encrypted device without the
1814 .It Va gbde_attach_attempts
1816 Number of times to attempt attaching to a
1818 device, i.e., how many times the user is asked for the pass-phrase.
1822 List of devices to automatically attach on boot.
1823 Note that .eli devices from
1825 are automatically appended to this list.
1828 Number of times user is asked for the pass-phrase.
1829 If empty, it will be taken from
1830 .Va kern.geom.eli.tries
1832 .It Va geli_default_flags
1834 Default flags to use by
1836 when configuring disk encryption.
1837 Flags can be configured for every device separately by defining
1838 .Va geli_ Ns Ao Ar device Ac Ns Va _flags
1840 .It Va geli_autodetach
1842 Specifies if GELI devices should be marked for detach on last close after
1843 file systems are mounted.
1846 This can be changed for every device separately by defining
1847 .Va geli_ Ns Ao Ar device Ac Ns Va _autodetach
1849 .It Va geli_swap_flags
1850 Options passed to the
1852 utility when encrypted GEOM providers for swap partitions are created.
1854 .Dq Li "-e aes -l 256 -s 4096 -d" .
1855 .It Va root_rw_mount
1860 After the file systems are checked at boot time, the root file system
1861 is remounted as read-write if this is set to
1863 Diskless systems that mount their root file system from a read-only remote
1864 NFS share should set this to
1868 .It Va fsck_y_enable
1873 will be run with the
1875 flag if the initial preen
1876 of the file systems fails.
1877 .It Va background_fsck
1881 the system will attempt to run
1883 in the background where possible.
1884 .It Va background_fsck_delay
1886 The amount of time in seconds to sleep before starting a background
1888 It defaults to sixty seconds to allow large applications such as
1889 the X server to start before disk I/O bandwidth is monopolized by
1891 If set to a negative number, the background file system check will be
1892 delayed indefinitely to allow the administrator to run it at a more
1894 For example it may be run from
1896 by adding a line like
1898 .Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart"
1904 List of file system types that are network-based.
1905 This list should generally not be modified by end users.
1907 .Va extra_netfs_types
1909 .It Va extra_netfs_types
1911 If set to something other than
1914 this variable extends the list of file system types
1915 for which automatic mounting at startup by
1917 should be delayed until the network is initialized.
1919 a whitespace-separated list of network file system descriptor pairs,
1920 each consisting of a file system type as passed to
1922 and a human-readable, one-word description,
1925 Extending the default list in this way is only necessary
1926 when third party file system types are used.
1927 .It Va syslogd_enable
1934 .It Va syslogd_program
1939 .Pa /usr/sbin/syslogd ) .
1940 .It Va syslogd_flags
1946 these are the flags to pass to
1955 .It Va inetd_program
1960 .Pa /usr/sbin/inetd ) .
1967 these are the flags to pass to
1976 .It Va hastd_program
1988 these are the flags to pass to
1997 .It Va named_program
2002 .Pa /usr/sbin/named ) .
2007 configuration file, (default
2008 .Pa /etc/namedb/named.conf ) .
2015 these are the flags to pass to
2021 process should be run as.
2022 .It Va named_chrootdir
2024 The root directory for a name server run in a
2026 environment (default
2030 will not be run in a
2033 .It Va named_chroot_autoupdate
2037 to disable automatic update of the
2040 .It Va named_symlink_enable
2044 to disable symlinking of
2053 loop until working name service is established.
2054 .It Va named_wait_host
2056 Name of host to lookup for the named_wait option.
2058 .It Va named_auto_forward
2060 Set to enable automatic creation of a forwarder
2061 configuration file derived from
2062 .Pa /etc/resolv.conf .
2063 .It Va named_auto_forward_only
2065 Set to change the default forwarder configuration from
2069 .It Va kerberos5_server_enable
2073 to start a Kerberos 5 authentication server
2075 .It Va kerberos5_server
2078 .Va kerberos5_server_enable
2081 this is the path to Kerberos 5 Authentication Server.
2082 .It Va kerberos5_server_flags
2085 This variable contains additional flags to be passed to the Kerberos 5
2086 authentication server.
2087 .It Va kadmind5_server_enable
2093 the Kerberos 5 Administration Daemon; set to
2096 .It Va kadmind5_server
2099 .Va kadmind5_server_enable
2102 this is the path to Kerberos 5 Administration Daemon.
2103 .It Va kpasswdd_server_enable
2109 the Kerberos 5 Password-Changing Daemon; set to
2112 .It Va kpasswdd_server
2115 .Va kpasswdd_server_enable
2118 this is the path to Kerberos 5 Password-Changing Daemon.
2125 the Kerberos 5 ticket forwarding daemon, at the boot time.
2131 .Pa /usr/libexec/kfd ) .
2138 daemon at boot time.
2145 these are the flags to pass to it.
2152 daemon at boot time.
2159 these are the flags to pass to it.
2162 manpage for more information.
2163 .It Va amd_map_program
2166 the specified program is run to get the list of
2171 maps are stored in NIS, one can set this to
2184 will be updated at boot time to reflect the kernel release
2189 will not be updated.
2190 .It Va nfs_client_enable
2194 run the NFS client daemons at boot time.
2195 .It Va nfs_access_cache
2198 .Va nfs_client_enable
2203 to disable NFS ACCESS RPC caching, or to the number of seconds for which
2205 results should be cached.
2206 A value of 2-10 seconds will substantially reduce network
2207 traffic for many NFS operations.
2208 .It Va nfs_server_enable
2212 run the NFS server daemons at boot time.
2213 .It Va nfs_server_flags
2216 .Va nfs_server_enable
2219 these are the flags to pass to the
2222 .It Va nfsv4_server_enable
2225 .Va nfs_server_enable
2229 .Va nfsv4_server_enable
2232 enable the server for NFSv4 as well as NFSv2 and NFSv3.
2233 .It Va nfsuserd_enable
2239 run the nfsuserd daemon, which is needed for NFSv4 in order
2240 to map between user/group names vs uid/gid numbers.
2242 .Va nfsv4_server_enable
2245 this will be forced enabled.
2246 .It Va nfsuserd_flags
2252 these are the flags to pass to the
2255 .It Va nfscbd_enable
2261 run the nfscbd daemon, which enables callbacks/delegations for the NFSv4 client.
2268 these are the flags to pass to the
2271 .It Va oldnfs_server_enable
2274 .Va oldnfs_server_enable
2277 force the NFS server daemons to run the old NFS server code
2278 that does not support NFSv4.
2279 .It Va mountd_enable
2284 .Va nfs_server_enable
2290 It is commonly needed to run CFS without real NFS used.
2297 these are the flags to pass to the
2300 .It Va weak_mountd_authentication
2304 allow services like PCNFSD to make non-privileged mount
2306 .It Va nfs_reserved_port_only
2310 provide NFS services only on a secure port.
2311 .It Va nfs_bufpackets
2313 If set to a number, indicates the number of packets worth of
2314 socket buffer space to reserve on an NFS client.
2315 The kernel default is typically 4.
2316 Using a higher number may be
2317 useful on gigabit networks to improve performance.
2318 The minimum value is
2319 2 and the maximum is 64.
2320 .It Va rpc_lockd_enable
2324 and also an NFS server or client, run
2327 .It Va rpc_lockd_flags
2330 .Va rpc_lockd_enable
2333 these are the flags to pass to the
2336 .It Va rpc_statd_enable
2340 and also an NFS server or client, run
2343 .It Va rpc_statd_flags
2346 .Va rpc_statd_enable
2349 these are the flags to pass to the
2352 .It Va rpcbind_program
2357 .Pa /usr/sbin/rpcbind ) .
2358 .It Va rpcbind_enable
2364 service at boot time.
2365 .It Va rpcbind_flags
2371 these are the flags to pass to the
2374 .It Va keyserv_enable
2380 daemon on boot for running Secure RPC.
2381 .It Va keyserv_flags
2387 these are the flags to pass to
2390 .It Va pppoed_enable
2396 daemon at boot time to provide PPP over Ethernet services.
2397 .It Va pppoed_ Ns Aq Ar provider
2400 listens to requests to this
2406 argument of the same name.
2409 Additional flags to pass to
2411 .It Va pppoed_interface
2413 The network interface to run
2416 This is mandatory when
2426 service at boot time.
2427 This command is intended for networks of
2428 machines where a consistent
2430 for all hosts must be established.
2431 This is often useful in large NFS
2432 environments where time stamps on files are expected to be consistent
2440 these are the flags to pass to the
2443 .It Va ntpdate_enable
2450 This command is intended to
2451 synchronize the system clock only
2453 from some standard reference.
2454 .It Va ntpdate_config
2456 Configuration file for
2460 .It Va ntpdate_hosts
2462 A whitespace-separated list of NTP servers to synchronize with at startup.
2463 The default is to use the servers listed in
2464 .Va ntpdate_config ,
2465 if that file exists.
2466 .It Va ntpdate_program
2471 .Pa /usr/sbin/ntpdate ) .
2472 .It Va ntpdate_flags
2478 these are the flags to pass to the
2480 command (typically a hostname).
2487 command at boot time.
2493 .Pa /usr/sbin/ntpd ) .
2507 these are the flags to pass to the
2510 .It Va ntpd_sync_on_start
2517 flag, which syncs the system's clock on startup.
2520 for more information regarding the
2523 This is a preferred alternative to using
2528 .It Va nis_client_enable
2534 service at system boot time.
2535 .It Va nis_client_flags
2538 .Va nis_client_enable
2541 these are the flags to pass to the
2544 .It Va nis_ypset_enable
2550 daemon at system boot time.
2551 .It Va nis_ypset_flags
2554 .Va nis_ypset_enable
2557 these are the flags to pass to the
2560 .It Va nis_server_enable
2566 daemon at system boot time.
2567 .It Va nis_server_flags
2570 .Va nis_server_enable
2573 these are the flags to pass to the
2576 .It Va nis_ypxfrd_enable
2582 daemon at system boot time.
2583 .It Va nis_ypxfrd_flags
2586 .Va nis_ypxfrd_enable
2589 these are the flags to pass to the
2592 .It Va nis_yppasswdd_enable
2598 daemon at system boot time.
2599 .It Va nis_yppasswdd_flags
2602 .Va nis_yppasswdd_enable
2605 these are the flags to pass to the
2608 .It Va rpc_ypupdated_enable
2614 daemon at system boot time.
2615 .It Va bsnmpd_enable
2621 daemon at system boot time.
2622 Be sure to understand the security implications of running SNMP daemon
2630 these are the flags to pass to the
2633 .It Va defaultrouter
2637 create a default route to this host name or IP address
2638 (use an IP address if this router is also required to get to the
2640 .It Va ipv6_defaultrouter
2642 The IPv6 equivalent of
2644 .It Va static_arp_pairs
2646 Set to the list of static ARP pairs that are to be added at system
2648 For each whitespace separated
2651 .Va static_arp_ Ns Aq Ar element
2652 variable is assumed to exist whose contents will later be passed to a
2657 static_arp_pairs="gw"
2658 static_arp_gw="192.168.1.1 00:01:02:03:04:05"
2660 .It Va static_ndp_pairs
2662 Set to the list of static NDP pairs that are to be added at system
2664 For each whitespace separated
2667 .Va static_ndp_ Ns Aq Ar element
2668 variable is assumed to exist whose contents will later be passed to a
2673 static_ndp_pairs="gw"
2674 static_ndp_gw="2001:db8:3::1 00:01:02:03:04:05"
2676 .It Va static_routes
2678 Set to the list of static routes that are to be added at system
2682 then for each whitespace separated
2685 .Va route_ Ns Aq Ar element
2686 variable is assumed to exist
2687 whose contents will later be passed to a
2692 static_routes="mcast gif0local"
2693 route_mcast="-net 224.0.0.0/4 -iface gif0"
2694 route_gif0local="-host 169.254.1.1 -iface lo0"
2696 .It Va ipv6_static_routes
2698 The IPv6 equivalent of
2702 then for each whitespace separated
2705 .Va ipv6_route_ Ns Aq Ar element
2706 variable is assumed to exist
2707 whose contents will later be passed to a
2708 .Dq Nm route Cm add Fl inet6
2710 .It Va natm_static_routes
2716 If not empty then for each whitespace separated
2719 .Va route_ Ns Aq Ar element
2720 variable is assumed to exist whose contents will later be passed to a
2721 .Dq Nm atmconfig Cm natm Cm add
2723 .It Va gateway_enable
2727 configure host to act as an IP router, e.g.\& to forward packets
2729 .It Va ipv6_gateway_enable
2731 The IPv6 equivalent of
2732 .Va gateway_enable .
2733 .It Va routed_enable
2737 run a routing daemon of some sort, based on the
2742 .It Va route6d_enable
2744 The IPv6 equivalent of
2748 run a routing daemon of some sort, based on the
2753 .It Va routed_program
2759 this is the name of the routing daemon to use.
2760 .It Va route6d_program
2762 The IPv6 equivalent of
2763 .Va routed_program .
2770 these are the flags to pass to the routing daemon.
2771 .It Va route6d_flags
2773 The IPv6 equivalent of
2775 .It Va mrouted_enable
2779 run the multicast routing daemon,
2781 .It Va mroute6d_enable
2783 The IPv6 equivalent of
2784 .Va mrouted_enable .
2787 run the IPv6 multicast routing daemon.
2789 Note that multicast routing daemons are no longer included in the
2791 base system, however, both
2795 may be installed from the
2798 .It Va mrouted_flags
2804 these are the flags to pass to the
2807 .It Va mroute6d_flags
2809 The IPv6 equivalent of
2815 these are the flags passed to the IPv6 multicast routing daemon.
2816 .It Va mroute6d_program
2822 this is the path to the IPv6 multicast routing daemon.
2823 .It Va rtadvd_enable
2829 daemon at boot time.
2832 utility sends ICMPv6 Router Advertisement messages to
2833 the interfaces specified in
2834 .Va rtadvd_interfaces .
2835 This should only be enabled with great care.
2836 You may want to fine-tune
2838 .It Va rtadvd_interfaces
2844 this is the list of interfaces to use.
2845 .It Va ipxgateway_enable
2849 enable the routing of IPX traffic.
2850 .It Va ipxrouted_enable
2856 daemon at system boot time.
2857 .It Va ipxrouted_flags
2860 .Va ipxrouted_enable
2863 these are the flags to pass to the
2870 enable global proxy ARP.
2871 .It Va forward_sourceroute
2879 source-routed packets are forwarded.
2880 .It Va accept_sourceroute
2884 the system will accept source-routed packets directed at it.
2891 daemon at system boot time.
2898 these are the flags to pass to the
2901 .It Va bootparamd_enable
2907 daemon at system boot time.
2908 .It Va bootparamd_flags
2911 .Va bootparamd_enable
2914 these are the flags to pass to the
2917 .It Va stf_interface_ipv4addr
2921 this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling
2923 Specify this entry to enable the 6to4 interface.
2924 .It Va stf_interface_ipv4plen
2926 Prefix length for 6to4 IPv4 addresses, to limit peer address range.
2927 An effective value is 0-31.
2928 .It Va stf_interface_ipv6_ifid
2930 IPv6 interface ID for
2934 .It Va stf_interface_ipv6_slaid
2936 IPv6 Site Level Aggregator for
2938 .It Va ipv6_faith_prefix
2942 this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP
2947 .It Va ipv6_ipv4mapping
2951 this enables IPv4 mapped IPv6 address communication (like
2952 .Li ::ffff:a.b.c.d ) .
2953 .It Va rtsold_enable
2959 daemon to send ICMPv6 Router Solicitation messages.
2966 these are the flags to pass to
2970 For interfaces configured with the
2971 .Dq Li inet6 accept_rtadv
2972 keyword, these are the flags to pass to
2977 is mutually exclusive to
2985 to enable the configuration of ATM interfaces at system boot time.
2986 For all of the ATM variables described below, please refer to the
2988 manual page for further details on the available command parameters.
2989 Also refer to the files in
2990 .Pa /usr/share/examples/atm
2991 for more detailed configuration information.
2994 This is a list of physical ATM interface drivers to load.
2999 .It Va atm_netif_ Ns Aq Ar intf
3001 For the ATM physical interface
3003 this variable defines the name prefix and count for the ATM network
3004 interfaces to be created.
3005 The value will be passed as the parameters of an
3006 .Dq Nm atm Cm "set netif" Ar intf
3008 .It Va atm_sigmgr_ Ns Aq Ar intf
3010 For the ATM physical interface
3012 this variable defines the ATM signalling manager to be used.
3013 The value will be passed as the parameters of an
3014 .Dq Nm atm Cm attach Ar intf
3016 .It Va atm_prefix_ Ns Aq Ar intf
3018 For the ATM physical interface
3020 this variable defines the NSAP prefix for interfaces using a UNI signalling
3024 the prefix will automatically be set via the
3027 Otherwise, the value will be passed as the parameters of an
3028 .Dq Nm atm Cm "set prefix" Ar intf
3030 .It Va atm_macaddr_ Ns Aq Ar intf
3032 For the ATM physical interface
3034 this variable defines the MAC address for interfaces using a UNI signalling
3038 the hardware MAC address contained in the ATM interface card will be used.
3039 Otherwise, the value will be passed as the parameters of an
3040 .Dq Nm atm Cm "set mac" Ar intf
3042 .It Va atm_arpserver_ Ns Aq Ar netif
3044 For the ATM network interface
3046 this variable defines the ATM address for a host which is to provide ATMARP
3048 This variable is only applicable to interfaces using a UNI signalling
3052 this host will become an ATMARP server.
3053 The value will be passed as the parameters of an
3054 .Dq Nm atm Cm "set arpserver" Ar netif
3056 .It Va atm_scsparp_ Ns Aq Ar netif
3060 SCSP/ATMARP service for the network interface
3062 will be initiated using the
3067 This variable is only applicable if
3068 .Va atm_arpserver_ Ns Aq Ar netif
3073 Set to the list of ATM PVCs to be added at system
3075 For each whitespace separated
3078 .Va atm_pvc_ Ns Aq Ar element
3079 variable is assumed to exist.
3080 The value of each of these variables
3081 will be passed as the parameters of an
3082 .Dq Nm atm Cm "add pvc"
3086 Set to the list of permanent ATM ARP entries to be added
3087 at system boot time.
3088 For each whitespace separated
3091 .Va atm_arp_ Ns Aq Ar element
3092 variable is assumed to exist.
3093 The value of each of these variables
3094 will be passed as the parameters of an
3095 .Dq Nm atm Cm "add arp"
3097 .It Va natm_interfaces
3101 interfaces that will also be used for HARP through
3103 If this list is not empty all interfaces in the list will be brought up
3109 For this to work the interface drivers must be either compiled into the
3110 kernel or must reside on the root partition.
3113 The keyboard bell sound.
3120 if the default behavior is desired.
3121 For details, refer to the
3126 If set to a non-null string, the virtual console's keyboard input is
3132 no keymap is installed, otherwise the value is used to install
3134 .Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
3137 The keyboard repeat speed.
3144 if the default behavior is desired.
3149 attempt to program the function keys with the value.
3151 be a single string of the form:
3152 .Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
3155 Can be set to the value of
3158 .Dq Li destructive ,
3161 to set the cursor behavior explicitly or choose the default behavior.
3166 no screen map is installed, otherwise the value is used to install
3167 the screen map file in
3168 .Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
3173 the default 8x16 font value is used for screen size requests, otherwise
3175 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
3181 the default 8x14 font value is used for screen size requests, otherwise
3183 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
3189 the default 8x8 font value is used for screen size requests, otherwise
3191 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
3197 the default screen blanking interval is used, otherwise it is set
3205 this is the actual screen saver to use
3206 .Li ( blank , snake , daemon ,
3208 .It Va moused_nondefault_enable
3212 the mouse device specified on
3213 the command line is not automatically treated as enabled by the
3214 .Pa /etc/rc.d/moused
3216 Having this variable set to
3222 to be enabled as soon as it is plugged in.
3223 .It Va moused_enable
3229 daemon is started for doing cut/paste selection on the console.
3232 This is the protocol type of the mouse connected to this host.
3233 This variable must be set if
3240 is able to detect the appropriate mouse type automatically in many cases.
3241 Set this variable to
3243 to let the daemon detect it, or
3244 select one from the following list if the automatic detection fails.
3246 If the mouse is attached to the PS/2 mouse port, choose
3250 regardless of the brand and model of the mouse.
3252 mouse is attached to the bus mouse port, choose
3256 All other protocols are for serial mice and will not work with
3257 the PS/2 and bus mice.
3258 If this is a USB mouse,
3260 is the only protocol type which will work.
3262 .Bl -tag -width ".Li x10mouseremote" -compact
3264 Microsoft mouse (serial)
3266 Microsoft IntelliMouse (serial)
3268 Mouse systems Corp.\& mouse (serial)
3270 MM Series mouse (serial)
3272 Logitech mouse (serial)
3276 Logitech MouseMan and TrackMan (serial)
3278 ALPS GlidePoint (serial)
3279 .It Li thinkingmouse
3280 Kensington ThinkingMouse (serial)
3284 MM HitTablet (serial)
3285 .It Li x10mouseremote
3286 X10 MouseRemote (serial)
3288 Interlink VersaPad (serial)
3291 Even if the mouse is not in the above list, it may be compatible
3292 with one in the list.
3293 Refer to the manual page for
3295 for compatibility information.
3297 It should also be noted that while this is enabled, any
3298 other client of the mouse (such as an X server) should access
3299 the mouse through the virtual mouse device,
3301 and configure it as a
3303 type mouse, since all
3304 mouse data is converted to this single canonical format when
3307 If the client program does not support the
3313 It is the second preferred type.
3320 this is the actual port the mouse is on.
3323 for a COM1 serial mouse,
3327 for a bus mouse, for example.
3332 is set, its value is used as an additional set of flags to pass to the
3335 .It Va "moused_" Ns Ar XXX Ns Va "_flags"
3337 .Va moused_nondefault_enable
3340 daemon is started for a non-default port, the
3341 .Va "moused_" Ns Ar XXX Ns Va "_flags"
3342 set of options has precedence over and replaces the default
3346 is the name of the non-default port, i.e.,\&
3349 .Va "moused_" Ns Ar XXX Ns Va "_flags"
3350 it is possible to set up a different set of default flags for each
3353 For example, you can use
3357 to make your laptop's touchpad more comfortable to use,
3358 but an empty set of options for
3359 .Va moused_ums0_flags
3362 mouse has three or more buttons.
3363 .It Va mousechar_start
3367 the default mouse cursor character range
3368 .Li 0xd0 Ns - Ns Li 0xd3
3370 otherwise the range start is set
3375 Use if the default range is occupied in the language code table.
3376 .It Va allscreens_flags
3380 is run with these options for each of the virtual terminals
3384 will enable the mouse pointer on all virtual terminals
3389 .It Va allscreens_kbdflags
3393 is run with these options for each of the virtual terminals
3399 scrollback (history) buffer to 200 lines.
3406 daemon at system boot time.
3412 .Pa /usr/sbin/cron ) .
3419 these are the flags to pass to
3425 enable the special handling of transitions to and from the
3426 Daylight Saving Time in
3428 (equivalent to using the flag
3435 .Pa /usr/sbin/lpd ) .
3442 daemon at system boot time.
3449 these are the flags to pass to the
3452 .It Va chkprintcap_enable
3458 command before starting the
3461 .It Va chkprintcap_flags
3466 .Va chkprintcap_enable
3469 these are the flags to pass to the
3474 which causes missing directories to be created.
3475 .It Va mta_start_script
3477 This variable specifies the full path to the script to run to start
3478 a mail transfer agent.
3480 .Pa /etc/rc.sendmail .
3484 .Pa /etc/rc.sendmail
3485 uses are documented in the
3490 Indicates the device (usually a swap partition) to which a crash dump
3491 should be written in the event of a system crash.
3492 If the value of this variable is
3494 the first suitable swap device listed in
3496 will be used as dump device.
3497 Otherwise, the value of this variable is passed as the argument to
3499 To disable crash dumps, set this variable to
3503 When the system reboots after a crash and a crash dump is found on the
3504 device specified by the
3508 will save that crash dump and a copy of the kernel to the directory
3512 The default value is
3521 .It Va savecore_flags
3523 If crash dumps are enabled, these are the flags to pass to the
3530 to turn on user and group disk quotas on system startup via the
3532 command for all file systems marked as having quotas enabled in
3534 The kernel must be built with
3536 for disk quotas to function.
3541 to enable user and group disk quota checking via the
3544 .It Va quotacheck_flags
3554 these are the flags to pass to the
3559 which checks quotas for all file systems with quotas enabled in
3561 .It Va quotaon_flags
3567 these are the flags to pass to the
3572 which enables quotas for all file systems with quotas enabled in
3574 .It Va quotaoff_flags
3580 these are the flags to pass to the
3582 utility when shutting down the quota system.
3585 which disables quotas for all file systems with quotas enabled in
3587 .It Va accounting_enable
3591 to enable system accounting through the
3598 to enable iBCS2 (SCO) binary emulation at system initial boot
3600 .It Va ibcs2_loaders
3608 this specifies a list of additional iBCS2 loaders to enable.
3613 to enable Linux/ELF binary emulation at system initial
3619 enable SysVR4 emulation at boot time.
3620 .It Va sysvipc_enable
3624 load System V IPC primitives at boot time.
3625 .It Va clear_tmp_enable
3636 to disable removing of X11 lock files,
3637 and the removal and (secure) recreation
3638 of the various socket directories for X11
3640 .It Va ldconfig_paths
3642 Set to the list of shared library paths to use with
3646 will always be added first, so it need not appear in this list.
3647 .It Va ldconfig32_paths
3649 Set to the list of 32-bit compatibility shared library paths to
3652 .It Va ldconfig_paths_aout
3654 Set to the list of shared library paths to use with
3659 .It Va ldconfig_insecure
3663 utility normally refuses to use directories
3664 which are writable by anyone except root.
3665 Set this variable to
3667 to disable that security check during system startup.
3668 .It Va ldconfig_local_dirs
3670 Set to the list of local
3673 The names of all files in the directories listed will be
3674 passed as arguments to
3676 .It Va ldconfig_local32_dirs
3678 Set to the list of local 32-bit compatibility
3681 The names of all files in the directories listed will be
3682 passed as arguments to
3683 .Dq Nm ldconfig Fl 32 .
3684 .It Va kern_securelevel_enable
3688 to set the kernel security level at system startup.
3689 .It Va kern_securelevel
3691 The kernel security level to set at startup.
3692 The allowed range of
3694 ranges from \-1 (the compile time default) to 3 (the
3698 for the list of possible security levels and their effect
3699 on system operation.
3702 Path to the SSH server program
3703 .Pa ( /usr/sbin/sshd
3711 at system boot time.
3718 these are the flags to pass to the
3723 Path to the FTP server program
3724 .Pa ( /usr/libexec/ftpd
3732 as a stand-alone daemon at system boot time.
3739 these are the additional flags to pass to the
3742 .It Va watchdogd_enable
3748 daemon at boot time.
3749 This requires that the kernel have been compiled with a
3752 .It Va watchdogd_flags
3755 .Va watchdogd_enable
3758 these are the flags passed to the
3761 .It Va devfs_rulesets
3763 List of files containing sets of rules for
3765 .It Va devfs_system_ruleset
3767 Rule name(s) to apply to the system
3770 .It Va devfs_set_rulesets
3772 Pairs of already-mounted
3774 directories and rulesets that should be applied to them.
3775 For example: /mount/dev=ruleset_name
3776 .It Va devfs_load_rulesets
3778 If set, always load the default rulesets listed in
3779 .Va devfs_rulesets .
3780 .It Va performance_cx_lowest
3782 CPU idle state to use while on AC power.
3787 should use the lowest power state available while
3789 indicates that the lowest latency state (less power savings) should be used.
3790 .It Va performance_cpu_freq
3792 CPU clock frequency to use while on AC power.
3797 should use the lowest frequency available while
3799 indicates that the highest frequency (less power savings) should be used.
3800 .It Va economy_cx_lowest
3802 CPU idle state to use when off AC power.
3807 should use the lowest power state available while
3809 indicates that the lowest latency state (less power savings) should be used.
3810 .It Va economy_cpu_freq
3812 CPU clock frequency to use when off AC power.
3817 should use the lowest frequency available while
3819 indicates that the highest frequency (less power savings) should be used.
3824 any configured jails will not be started.
3825 .It Va jail_parallel_start
3829 all configured jails will be started in the background (in parallel).
3832 A space separated list of names for jails.
3833 This is purely a configuration aid to help identify and
3834 configure multiple jails.
3835 The names specified in this list will be used to
3836 identify settings common to an instance of a jail,
3837 and should contain alphanumeric characters only.
3838 Assuming that the jail in question was named
3840 you would have the following dependent variables:
3842 jail_vjail_hostname="jail.example.com"
3843 jail_vjail_ip="192.0.2.100"
3844 jail_vjail_rootdir="/var/jails/vjail/root"
3850 When set, use as default value for
3851 .Va jail_ Ns Ao Ar jname Ac Ns Va _flags
3854 .It Va jail_interface
3857 When set, use as default value for
3858 .Va jail_ Ns Ao Ar jname Ac Ns Va _interface
3864 When set, use as default value for
3865 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
3868 .It Va jail_mount_enable
3876 .Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
3879 by default for every jail in
3881 .It Va jail_devfs_ruleset
3885 .Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
3886 to given value for every jail in
3888 .It Va jail_devfs_enable
3896 .Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
3899 by default for every jail in
3901 .It Va jail_fdescfs_enable
3909 .Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
3912 by default for every jail in
3914 .It Va jail_procfs_enable
3922 .Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
3925 by default for every jail in
3927 .It Va jail_exec_prestart Ns Aq Ar N
3930 When set, use as default value for
3931 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N
3934 .It Va jail_exec_start
3937 When set, use as default value for
3938 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
3941 .It Va jail_exec_afterstart Ns Aq Ar N
3944 When set, use as default value for
3945 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
3948 .It Va jail_exec_poststart Ns Aq Ar N
3951 When set, use as default value for
3952 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N
3955 .It Va jail_exec_prestop Ns Aq Ar N
3958 When set, use as default value for
3959 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N
3962 .It Va jail_exec_stop
3964 When set, use as default value for
3965 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
3968 .It Va jail_exec_poststop Ns Aq Ar N
3971 When set, use as default value for
3972 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N
3975 .It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
3978 Set to the root directory used by jail
3980 .It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
3983 Set to the fully qualified domain name (FQDN) assigned to jail
3985 .It Va jail_ Ns Ao Ar jname Ac Ns Va _parameters
3988 Set extra parameters for jail
3991 .Dq Li allow.chflags
3993 .Dq Li children.max .
3996 for a list of available parameters.
3997 Note that the following parameters are already defined by
3999 script out of their corresponding
4002 .Bl -tag -width "host.hostname" -offset indent
4005 .Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir
4006 .It Li host.hostname
4008 .Va jail_ Ns Ao Ar jname Ac Ns Va _hostname
4011 .Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
4014 .Va jail_ Ns Ao Ar jname Ac Ns Va _ip
4015 contains IPv4 addresses
4018 .Va jail_ Ns Ao Ar jname Ac Ns Va _ip6
4019 contains IPv6 addresses
4021 .It Va jail_ Ns Ao Ar jname Ac Ns Va _ip
4024 Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail.
4025 The argument can be a sole address or a comma separated list of addresses.
4026 Additionally each address can be prefixed by the name of an interface
4027 followed by a pipe to overwrite
4028 .Va jail_ Ns Ao Ar jname Ac Ns Va _interface
4031 and/or suffixed by a netmask, prefixlen or prefix.
4032 In case no netmask, prefixlen or prefix is given,
4034 will be used for IPv4 and
4036 will be used for an IPv6 address.
4037 If no address is given for the jail then the jail will be started with
4038 no networking support.
4039 .It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n
4042 Set additional IPv4 and/or IPv6 address(es) assigned to the jail.
4043 The sequence starts with
4045 and the numbers have to be strictly ascending.
4046 These entries follow the same syntax as their primary
4047 .Va jail_ Ns Ao Ar jname Ac Ns Va _ip
4049 The order of the entries can be important as the first address for
4050 each address family found will be the primary address of the jail.
4056 .It Va jail_ Ns Ao Ar jname Ac Ns Va _flags
4061 These are flags to pass to
4063 .It Va jail_ Ns Ao Ar jname Ac Ns Va _interface
4066 When set, sets the interface to use when setting IP address alias.
4067 Note that the alias is created at jail startup and removed at jail shutdown.
4068 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fib
4071 When set, the jail is started with the specified forwarding table (sometimes
4072 referred to as a routing table) via
4074 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
4077 .Pa /etc/fstab. Ns Aq Ar jname
4079 This is the file system information file to use for jail
4081 .It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable
4088 mount all file systems from
4089 .Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
4091 .It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset
4094 When set, defines the device file system ruleset file to use for jail
4096 .It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable
4103 mount the device file system inside jail
4106 .It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable
4113 mount the file-descriptor file system inside jail
4116 .It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable
4123 mount the process file system inside jail
4126 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N
4129 This is the command run as
4132 before jail startup, where
4135 It is run outside the jail.
4136 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start
4139 .Dq Li /bin/sh /etc/rc
4141 This is the command executed in a jail at jail startup.
4142 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N
4145 This is the command run as
4149 after jail startup, where
4152 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N
4155 This is the command run as
4158 after jail startup, where
4161 It is run outside the jail.
4162 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N
4165 This is the command run as
4168 before jail shutdown, where
4171 It is run outside the jail.
4172 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop
4175 .Dq Li /bin/sh /etc/rc.shutdown
4177 This is the command executed in a jail at jail shutdown.
4178 .It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N
4181 This is the command run as
4184 after jail shutdown, where
4187 It is run outside the jail.
4188 .It Va jail_set_hostname_allow
4192 do not allow the root user in a jail to set its hostname.
4193 .It Va jail_socket_unixiproute_only
4197 do not allow any sockets,
4198 besides UNIX/IP/route sockets,
4199 to be used within a jail.
4200 .It Va jail_sysvipc_allow
4204 allow applications within a jail to use System V IPC.
4205 .\" -----------------------------------------------------
4206 .It Va harvest_interrupt
4210 to use hardware interrupts as an entropy source.
4213 for more information.
4214 .It Va harvest_ethernet
4218 to use LAN traffic as an entropy source.
4221 for more information.
4222 .It Va harvest_p_to_p
4226 to use serial line traffic as an entropy source.
4229 for more information.
4234 to disable caching entropy via
4236 Otherwise set to the directory used to store entropy files in.
4241 to disable caching entropy through reboots.
4242 Otherwise set to the filename used to store cached entropy through
4244 This file should be located on the root file system to seed the
4246 device as early as possible in the boot process.
4247 .It Va entropy_save_sz
4249 Size of the entropy cache files saved by
4252 .It Va entropy_save_num
4254 Number of entropy cache files to save by
4268 Configuration file for
4277 .Pa /var/run/dmesg.boot
4279 .It Va rcshutdown_timeout
4281 If set, start a watchdog timer in the background which will terminate
4285 has not completed within the specified time (in seconds).
4286 Notice that in addition to this soft timeout,
4288 also applies a hard timeout for the execution of
4290 This is configured via
4293 .Va kern.init_shutdown_timeout
4294 and defaults to 120 seconds.
4295 Setting the value of
4296 .Va rcshutdown_timeout
4297 to more than 120 seconds will have no effect until the
4300 .Va kern.init_shutdown_timeout
4302 .It Va virecover_enable
4306 to prevent the system from trying to
4307 recover pre-maturely terminated
4310 .It Va ugidfw_enable
4315 .Xr mac_bsdextended 4
4316 module upon system initialization and load a default
4318 .It Va bsdextended_script
4321 .Xr mac_bsdextended 4
4322 ruleset file to load.
4323 The default value of this variable is
4324 .Pa /etc/rc.bsdextended .
4325 .It Va newsyslog_enable
4332 .It Va newsyslog_flags
4335 .Va newsyslog_enable
4338 these are the flags to pass to the
4343 which causes log files flagged with a
4346 .It Va mdconfig_md Ns Aq Ar X
4356 must be specified and either a
4358 for malloc or swap backed
4366 .Va mdconfig_md Ns Aq Ar X
4367 variables are evaluated until one variable is unset or null.
4368 .It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs
4370 Optional arguments passed to
4376 .It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner
4378 An ownership specification passed to
4387 device and the mount point will be changed.
4388 .It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms
4390 A mode string passed to
4399 device and the mount point will be changed.
4400 .It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files
4402 Files to be copied to the mount point of the
4406 after it has been mounted.
4407 .It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd
4409 Command to execute after the specified
4414 Note that the command is passed to
4420 variables can be used to reference respectively the
4422 device and the mount point.
4427 one could set the following:
4429 mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}"
4431 .It Va autobridge_interfaces
4433 Set to the list of bridge interfaces that will have newly arriving interfaces
4434 checked against to be automatically added.
4437 then for each whitespace separated
4440 .Va autobridge_ Ns Aq Ar element
4441 variable is assumed to exist which has a whitespace separated list of interface
4442 names to match, these names can use wildcards.
4445 autobridge_interfaces="bridge0"
4446 autobridge_bridge0="tap* dc0 vlan[345]"
4452 enable support for sound mixer.
4453 .It Va hcsecd_enable
4457 enable Bluetooth security daemon.
4458 .It Va hcsecd_config
4460 Configuration file for
4463 .Pa /etc/bluetooth/hcsecd.conf .
4468 enable Bluetooth Service Discovery Protocol daemon.
4476 .It Va sdpd_groupname
4480 group to run as after it initializes.
4483 .It Va sdpd_username
4487 user to run as after it initializes.
4490 .It Va bthidd_enable
4494 enable Bluetooth Human Interface Device daemon.
4495 .It Va bthidd_config
4497 Configuration file for
4500 .Pa /etc/bluetooth/bthidd.conf .
4503 Path to a file, where
4505 will store information about known HID devices.
4507 .Pa /var/db/bthidd.hids .
4508 .It Va rfcomm_pppd_server_enable
4512 enable Bluetooth RFCOMM PPP wrapper daemon.
4513 .It Va rfcomm_pppd_server_profile
4515 The name of the profile to use from
4516 .Pa /etc/ppp/ppp.conf .
4517 Multiple profiles can be specified here.
4518 Also used to specify per-profile overrides.
4519 When the profile name contains any of the characters
4521 they are translated to
4523 for the proposes of the override variable names.
4524 .It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr
4526 Overrides local address to listen on.
4532 The address can be specified as BD_ADDR or name.
4533 .It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel
4535 Overrides local RFCOMM channel to listen on.
4538 will listen on RFCOMM channel 1.
4539 Must set properly if multiple profiles used in the same time.
4540 .It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp
4544 if it should register Serial Port service on the specified RFCOMM channel.
4547 .It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun
4551 if it should register Dial-Up Networking service on the specified
4555 .It Va ubthidhci_enable
4559 change the USB Bluetooth controller from HID mode to HCI mode.
4560 You also need to specify the location of USB Bluetooth controller with the
4561 .Va ubthidhci_busnum
4565 .It Va ubthidhci_busnum
4566 Bus number where the USB Bluetooth controller is located.
4569 on your system to find this information.
4570 .It Va ubthidhci_addr
4571 Bus address of the USB Bluetooth controller.
4574 on your system to find this information.
4575 .It Va netwait_enable
4579 delays the start of network-reliant services until
4581 is up and ICMP packets to a destination defined in
4584 Link state is examined first, followed by
4586 an IP address to verify network usability.
4587 If no destination can be reached or timeouts are exceeded,
4588 network services are started anyway with no guarantee that
4589 the network is usable.
4590 Use of this variable requires both
4598 This variable contains a space-delimited list of IP addresses to
4600 DNS hostnames should not be used as resolution is not guaranteed
4601 to be functional at this point.
4602 If multiple IP addresses are specified,
4603 each will be tried until one is successful or the list is exhausted.
4604 .It Va netwait_timeout
4606 Indicates the total number of seconds to perform a
4608 against each IP address in
4610 at a rate of one ping per second.
4611 If any of the pings are successful,
4612 full network connectivity is considered reliable.
4617 Defines the name of the network interface on which watch for link.
4619 is used to monitor the interface, looking for
4620 .Dq Li status: no carrier .
4621 Once gone, the link is considered up.
4624 interface if desired.
4625 .It Va netwait_if_timeout
4627 Defines the total number of seconds to wait for link to become usable,
4628 polled at a 1-second interval.
4632 .Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
4633 .It Pa /etc/defaults/rc.conf
4635 .It Pa /etc/rc.conf.local
4664 .Xr newsyslog.conf 5 ,
4734 .An Jordan K. Hubbard .