Bluetooth SIG is being difficult and keep moving specification
documents away from being public accessible. Replace link to
the Bluetooth specification document with the document name.
Pointed out by: SoftLover < slserg at uic dot tula dot ru >
only work if there's just one interface doing dhcp. This version implements
the same logic as the version in the PR, but uses pgrep to be less verbose.
PR: conf/95905
Add a dummynet_enable knob to go with firewall_enable. If this knob
is enabled dummynet(4) is added to the list of required modules.
Discussed on: #freebsd-bugbusters (rwatson, trhodes)
PR: conf/79196
date: 2008/03/06 14:01:10; author: mtm; state: Exp; lines: +1 -1
The rarpd(8) daemon must be instructed to start on all interfaces or a
specific one. Instruct it to listen on all interfaces so that enabling
it in rc.conf(5) works "out of the box."
PR: conf/121406
Submited by: trasz
1.17:
Allow the characters .-+/ to appear in ppp profile names by folding them
to _ when evaluating ppp_<profile>_nat and ppp_<profile>_mode. Document
the per-profile variables.
1.18:
Add support for hardwiring ppp sessions to particular devices with new
per-profile variables of the form ppp_<profile>_unit. No ppp_unit
variable is supported since tying the same unit to more than one profile
won't work.
PR: conf/121452, conf/122127
Add rfcomm_pppd_server rc script to allow start rfcomm_pppd(8) in server
mode at boot time. Multiple profiles can be started at the same time.
The whole idea is very similar to the ppp rc script.
Document Bluetooth knobs in rc.conf(5)
Set defaults for the rfcomm_pppd_server rc script
The check for errors from the mount command did not work as
intended because another command (echo) is executed between
the mount command and the check.
Reported by: Sergey Baturov <sergey@toor.org.ru>
1.27:
Use get_if_var() to retrieve interface specific values of dhclient_flags
and background_dhclient. This allows interfaces who's names are not
valid parts of shell variables and shortens the code.
1.31:
When the state of the interface changes rapidly enough there is a race
where dhclient is in the process of exiting due to the link going down
when the link coming up causes devd to try and start a new one. This
results is the link being up, but no dhclient running.
Work around this race by checking a second time after a one second delay
before refusing to start a dhclient instance due to one already being
running.
rev 1.9
Also check setuid executables on ZFS.
rev 1.10
Rewrite to consume significantly less memory, by using find -s instead of
find | sort. As a bonus, this simplifies the logic considerably. Also
remove the bogus "overruning the args to ls" comment and the corresponding
"-n 20" argument to xargs; the whole point with xargs is precisely that it
knows how large the argument list can safely get.
Note that the first run of the updated script may hypotheticall produce
false positives due to differences between find's and sort's sorting
algorithm. I haven't seen this during testing, but others might.
MFC after: 2 weeks
Approved by: imp (mentor, implicit for trivial changes), des
(doing some MFC's for him)
commas due to our deconstruction of the line in cf/feature/dnsbl.m4.
PR: 120038
Submitted by: mattijs vreeling
Revision Changes Path
1.36 +1 -1 src/etc/sendmail/freebsd.mc
# This is rc.conf - a file full of useful variables that you can set
# to change the default startup behavior of your system. You should
# not edit this file! Put any overrides into one of the ${rc_conf_files}
# instead and you will be able to update these defaults later without
# spamming your local configuration information.
#
# The ${rc_conf_files} files should only contain values which override
# values set in this file. This eases the upgrade path when defaults
# are changed and new features are added.
#
# All arguments must be in double or single quotes.
#
# For a more detailed explanation of all the rc.conf variables, please
# refer to the rc.conf(5) manual page.
#
# $FreeBSD$
##############################################################
### Important initial Boot-time options ####################
##############################################################
rc_debug="NO" # Set to YES to enable debugging output from rc.d
rc_info="NO" # Enables display of informational messages at boot.
rcshutdown_timeout="30" # Seconds to wait before terminating rc.shutdown
early_late_divider="FILESYSTEMS" # Script that separates early/late
# stages of the boot process. Make sure you know
# the ramifications if you change this.
# See rc.conf(5) for more details.
swapfile="NO" # Set to name of swapfile if aux swapfile desired.
apm_enable="NO" # Set to YES to enable APM BIOS functions (or NO).
apmd_enable="NO" # Run apmd to handle APM event from userland.
apmd_flags="" # Flags to apmd (if enabled).
devd_enable="YES" # Run devd, to trigger programs on device tree changes.
devd_flags="" # Additional flags for devd(8).
kldxref_enable="NO" # Build linker.hints files with kldxref(8).
kldxref_clobber="NO" # Overwrite old linker.hints at boot.
kldxref_module_path="" # Override kern.module_path. A ';'-delimited list.
pccard_enable="NO" # Set to YES if you want to configure PCCARD devices.
pccard_mem="DEFAULT" # If pccard_enable=YES, this is card memory address.
pccard_beep="2" # pccard beep type.
pccard_ifconfig="NO" # Specialized pccard ethernet configuration (or NO).
pccardd_flags="-z" # Additional flags for pccardd.
pccard_conf="/etc/defaults/pccard.conf" # pccardd(8) config file
powerd_enable="NO" # Run powerd to lower our power usage.
powerd_flags="" # Flags to powerd (if enabled).
removable_route_flush="NO" # Flush routes when removing an interface
tmpmfs="AUTO" # Set to YES to always create an mfs /tmp, NO to never
tmpsize="20m" # Size of mfs /tmp if created
tmpmfs_flags="-S" # Extra mdmfs options for the mfs /tmp
varmfs="AUTO" # Set to YES to always create an mfs /var, NO to never
varsize="32m" # Size of mfs /var if created
varmfs_flags="-S" # Extra mount options for the mfs /var
populate_var="AUTO" # Set to YES to always (re)populate /var, NO to never
cleanvar_enable="YES" # Clean the /var directory
local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d" # startup script dirs.
script_name_sep=" " # Change if your startup scripts' names contain spaces
rc_conf_files="/etc/rc.conf /etc/rc.conf.local"
# Experimental - test before enabling
gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab
gbde_devices="NO" # Devices to automatically attach (list, or AUTO)
gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices
gbde_lockdir="/etc" # Where to look for gbde lockfiles
# GELI disk encryption configuration.
geli_devices="" # List of devices to automatically attach in addition to
# GELI devices listed in /etc/fstab.
geli_tries="" # Number of times to attempt attaching geli device.
# If empty, kern.geom.eli.tries will be used.
geli_default_flags="" # Default flags for geli(8).
geli_autodetach="YES" # Automatically detach on last close.
# Providers are marked as such when all file systems are
# mounted.
# Example use.
#geli_devices="da1 mirror/home"
#geli_da1_flags="-p -k /etc/geli/da1.keys"
#geli_da1_autodetach="NO"
#geli_mirror_home_flags="-k /etc/geli/home.keys"
geli_swap_flags="-e aes -l 256 -s 4096 -d" # Options for GELI-encrypted
# swap partitions.
root_rw_mount="YES" # Set to NO to inhibit remounting root read-write.
fsck_y_enable="NO" # Set to YES to do fsck -y if the initial preen fails.
background_fsck="YES" # Attempt to run fsck in the background where possible.
background_fsck_delay="60" # Time to wait (seconds) before starting the fsck.
netfs_types="nfs:NFS nfs4:NFS4 smbfs:SMB portalfs:PORTAL nwfs:NWFS" # Net filesystems.
extra_netfs_types="NO" # List of network extra filesystem types for delayed
# mount at startup (or NO).
##############################################################
### Network configuration sub-section ######################
##############################################################
### Basic network and firewall/security options: ###
hostname="" # Set this!
nisdomainname="NO" # Set to NIS domain if using NIS (or NO).
dhclient_program="/sbin/dhclient" # Path to dhcp client program.
dhclient_flags="" # Extra flags to pass to dhcp client.
#dhclient_flags_fxp0="" # Extra dhclient flags for fxp0 only
background_dhclient="NO" # Start dhcp client in the background.
#background_dhclient_fxp0="YES" # Start dhcp client on fxp0 in the background.
synchronous_dhclient="YES" # Start dhclient directly on configured
# interfaces during startup.
firewall_enable="NO" # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO" # Set to YES to suppress rule display
firewall_logging="NO" # Set to YES to enable events logging
firewall_flags="" # Flags passed to ipfw when type is a file
ip_portrange_first="NO" # Set first dynamically allocated port
ip_portrange_last="NO" # Set last dynamically allocated port
ike_enable="NO" # Enable IKE daemon (usually racoon or isakmpd)
ike_program="/usr/local/sbin/isakmpd" # Path to IKE daemon
ike_flags="" # Additional flags for IKE daemon
ipsec_enable="NO" # Set to YES to run setkey on ipsec_file
ipsec_file="/etc/ipsec.conf" # Name of config file for setkey
natd_program="/sbin/natd" # path to natd, if you want a different one.
natd_enable="NO" # Enable natd (if firewall_enable == YES).
natd_interface="" # Public interface or IPaddress to use.
natd_flags="" # Additional flags for natd.
ipfilter_enable="NO" # Set to YES to enable ipfilter functionality
ipfilter_program="/sbin/ipf" # where the ipfilter program lives
ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see
# /usr/src/contrib/ipfilter/rules for examples
ipfilter_flags="" # additional flags for ipfilter
ipnat_enable="NO" # Set to YES to enable ipnat functionality
ipnat_program="/sbin/ipnat" # where the ipnat program lives
ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat
ipnat_flags="" # additional flags for ipnat
ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter or ipnat
ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives
ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog"
ipfs_enable="NO" # Set to YES to enable saving and restoring
# of state tables at shutdown and boot
ipfs_program="/sbin/ipfs" # where the ipfs program lives
ipfs_flags="" # additional flags for ipfs
pf_enable="NO" # Set to YES to enable packet filter (pf)
pf_rules="/etc/pf.conf" # rules definition file for pf
pf_program="/sbin/pfctl" # where the pfctl program lives
pf_flags="" # additional flags for pfctl
pflog_enable="NO" # Set to YES to enable packet filter logging
pflog_logfile="/var/log/pflog" # where pflogd should store the logfile
pflog_program="/sbin/pflogd" # where the pflogd program lives
pflog_flags="" # additional flags for pflogd
pfsync_enable="NO" # Expose pf state to other hosts for syncing
pfsync_syncdev="" # Interface for pfsync to work through
pfsync_syncpeer="" # IP address of pfsync peer host
pfsync_ifconfig="" # Additional options to ifconfig(8) for pfsync
tcp_extensions="YES" # Set to NO to turn off RFC1323 extensions.
log_in_vain="0" # >=1 to log connects to ports w/o listeners.
tcp_keepalive="YES" # Enable stale TCP connection timeout (or NO).
tcp_drop_synfin="NO" # Set to YES to drop TCP packets with SYN+FIN
# NOTE: this violates the TCP specification
icmp_drop_redirect="NO" # Set to YES to ignore ICMP REDIRECT packets
icmp_log_redirect="NO" # Set to YES to log ICMP REDIRECT packets
network_interfaces="auto" # List of network interfaces (or "auto").
cloned_interfaces="" # List of cloned network interfaces to create.
#cloned_interfaces="gif0 gif1 gif2 gif3" # Pre-cloning GENERIC config.
ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
#ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry.
#ifconfig_ed0_ipx="ipx 0x00010010" # Sample IPX address family entry.
#ifconfig_fxp0_name="net0" # Change interface name from fxp0 to net0.
#ipv4_addrs_fxp0="192.168.0.1/24 192.168.1.1-5/28" # example IPv4 address entry.
#
#autobridge_interfaces="bridge0" # List of bridges to check
#autobridge_bridge0="tap* vlan0" # Interface glob to automatically add to the bridge
#
# If you have any sppp(4) interfaces above, you might also want to set
# the following parameters. Refer to spppcontrol(8) for their meaning.
sppp_interfaces="" # List of sppp interfaces.
#sppp_interfaces="isp0" # example: sppp over ISDN
#spppconfig_isp0="authproto=chap myauthname=foo myauthsecret='top secret' hisauthname=some-gw hisauthsecret='another secret'"
gif_interfaces="NO" # List of GIF tunnels (or "NO").
#gif_interfaces="gif0 gif1" # Examples typically for a router.
# Choose correct tunnel addrs.
#gifconfig_gif0="10.1.1.1 10.1.2.1" # Examples typically for a router.
#gifconfig_gif1="10.1.1.2 10.1.2.2" # Examples typically for a router.
# User ppp configuration.
ppp_enable="NO" # Start user-ppp (or NO).
ppp_program="/usr/sbin/ppp" # Path to user-ppp program.
ppp_mode="auto" # Choice of "auto", "ddial", "direct" or "dedicated".
# For details see man page for ppp(8). Default is auto.
ppp_nat="YES" # Use PPP's internal network address translation or NO.
ppp_profile="papchap" # Which profile to use from /etc/ppp/ppp.conf.
ppp_user="root" # Which user to run ppp as
# Start multiple instances of ppp at boot time
#ppp_profile="profile1 profile2 profile3" # Which profiles to use
#ppp_profile1_mode="ddial" # Override ppp mode for profile1
#ppp_profile2_nat="NO" # Override nat mode for profile2
# profile3 uses default ppp_mode and ppp_nat
### Network daemon (miscellaneous) ###
hostapd_enable="NO" # Run hostap daemon.
syslogd_enable="YES" # Run syslog daemon (or NO).
syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one.
syslogd_flags="-s" # Flags to syslogd (if enabled).
inetd_enable="NO" # Run the network daemon dispatcher (YES/NO).
inetd_program="/usr/sbin/inetd" # path to inetd, if you want a different one.
inetd_flags="-wW -C 60" # Optional flags to inetd
#
# named. It may be possible to run named in a sandbox, man security for
# details.
#
named_enable="NO" # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
#named_flags="" # Flags for named
named_pidfile="/var/run/named/pid" # Must set this in named.conf as well
named_uid="bind" # User to run named as
named_chrootdir="/var/named" # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES" # Automatically install/update chrooted
# components of named. See /etc/rc.d/named.
named_symlink_enable="YES" # Symlink the chrooted pid file
#
# kerberos. Do not run the admin daemons on slave servers
#
kerberos5_server_enable="NO" # Run a kerberos 5 master server (or NO).
kerberos5_server="/usr/libexec/kdc" # path to kerberos 5 KDC
kerberos5_server_flags="--detach" # Additional flags to the kerberos 5 server
kadmind5_server_enable="NO" # Run kadmind (or NO)
kadmind5_server="/usr/libexec/kadmind" # path to kerberos 5 admin daemon
kpasswdd_server_enable="NO" # Run kpasswdd (or NO)
kpasswdd_server="/usr/libexec/kpasswdd" # path to kerberos 5 passwd daemon
rwhod_enable="NO" # Run the rwho daemon (or NO).
rwhod_flags="" # Flags for rwhod
rarpd_enable="NO" # Run rarpd (or NO).
rarpd_flags="" # Flags to rarpd.
bootparamd_enable="NO" # Run bootparamd (or NO).
bootparamd_flags="" # Flags to bootparamd
pppoed_enable="NO" # Run the PPP over Ethernet daemon.
pppoed_provider="*" # Provider and ppp(8) config file entry.
pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled).
pppoed_interface="fxp0" # The interface that pppoed runs on.
sshd_enable="NO" # Enable sshd
sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one.
sshd_flags="" # Additional flags for sshd.
ftpd_enable="NO" # Enable stand-alone ftpd.
ftpd_program="/usr/libexec/ftpd" # Path to ftpd, if you want a different one.
ftpd_flags="" # Additional flags to stand-alone ftpd.
### Network daemon (NFS): All need rpcbind_enable="YES" ###
amd_enable="NO" # Run amd service with $amd_flags (or NO).
amd_program="/usr/sbin/amd" # path to amd, if you want a different one.
amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
amd_map_program="NO" # Can be set to "ypcat -k amd.master"
nfs_client_enable="NO" # This host is an NFS client (or NO).
nfs_access_cache="60" # Client cache timeout in seconds
nfs_server_enable="NO" # This host is an NFS server (or NO).
nfs_server_flags="-u -t -n 4" # Flags to nfsd (if enabled).
mountd_enable="NO" # Run mountd (or NO).
mountd_flags="-r" # Flags to mountd (if NFS server enabled).
weak_mountd_authentication="NO" # Allow non-root mount requests to be served.
nfs_reserved_port_only="NO" # Provide NFS only on secure port (or NO).
nfs_bufpackets="" # bufspace (in packets) for client
rpc_lockd_enable="NO" # Run NFS rpc.lockd needed for client/server.
rpc_lockd_flags="" # Flags to rpc.lockd (if enabled).
rpc_statd_enable="NO" # Run NFS rpc.statd needed for client/server.
rpc_statd_flags="" # Flags to rpc.statd (if enabled).
rpcbind_enable="NO" # Run the portmapper service (YES/NO).
rpcbind_program="/usr/sbin/rpcbind" # path to rpcbind, if you want a different one.
rpcbind_flags="" # Flags to rpcbind (if enabled).
rpc_ypupdated_enable="NO" # Run if NIS master and SecureRPC (or NO).
keyserv_enable="NO" # Run the SecureRPC keyserver (or NO).
keyserv_flags="" # Flags to keyserv (if enabled).
### Network Time Services options: ###
timed_enable="NO" # Run the time daemon (or NO).
timed_flags="" # Flags to timed (if enabled).
ntpdate_enable="NO" # Run ntpdate to sync time on boot (or NO).
ntpdate_program="/usr/sbin/ntpdate" # path to ntpdate, if you want a different one.
ntpdate_flags="-b" # Flags to ntpdate (if enabled).
ntpdate_config="/etc/ntp.conf" # ntpdate(8) configuration file
ntpdate_hosts="" # Whitespace-separated list of ntpdate(8) servers.
ntpd_enable="NO" # Run ntpd Network Time Protocol (or NO).
ntpd_program="/usr/sbin/ntpd" # path to ntpd, if you want a different one.
ntpd_config="/etc/ntp.conf" # ntpd(8) configuration file
ntpd_sync_on_start="NO" # Sync time on ntpd startup, even if offset is high
ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntpd.drift"
# Flags to ntpd (if enabled).
# Network Information Services (NIS) options: All need rpcbind_enable="YES" ###
nis_client_enable="NO" # We're an NIS client (or NO).
nis_client_flags="" # Flags to ypbind (if enabled).
nis_ypset_enable="NO" # Run ypset at boot time (or NO).
nis_ypset_flags="" # Flags to ypset (if enabled).
nis_server_enable="NO" # We're an NIS server (or NO).
nis_server_flags="" # Flags to ypserv (if enabled).
nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO).
nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled).
nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or NO).
nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled).
### SNMP daemon ###
# Be sure to understand the security implications of running SNMP v1/v2
# in your network.
bsnmpd_enable="NO" # Run the SNMP daemon (or NO).
bsnmpd_flags="" # Flags for bsnmpd.
### Network routing options: ###
defaultrouter="NO" # Set to default gateway (or NO).
static_routes="" # Set to static route list (or leave empty).
natm_static_routes="" # Set to static route list for NATM (or leave empty).
gateway_enable="NO" # Set to YES if this host will be a gateway.
router_enable="NO" # Set to YES to enable a routing daemon.
router="/sbin/routed" # Name of routing daemon to use if enabled.
router_flags="-q" # Flags for routing daemon.
mrouted_enable="NO" # Do multicast routing (see /etc/mrouted.conf).
mrouted_flags="" # Flags for multicast routing daemon.
ipxgateway_enable="NO" # Set to YES to enable IPX routing.
ipxrouted_enable="NO" # Set to YES to run the IPX routing daemon.
ipxrouted_flags="" # Flags for IPX routing daemon.
arpproxy_all="NO" # replaces obsolete kernel option ARP_PROXYALL.
forward_sourceroute="NO" # do source routing (only if gateway_enable is set to "YES")
accept_sourceroute="NO" # accept source routed packets to us
### ATM interface options: ###
atm_enable="NO" # Configure ATM interfaces (or NO).
#atm_netif_hea0="atm 1" # Network interfaces for physical interface.
#atm_sigmgr_hea0="uni31" # Signalling manager for physical interface.
#atm_prefix_hea0="ILMI" # NSAP prefix (UNI interfaces only) (or ILMI).
#atm_macaddr_hea0="NO" # Override physical MAC address (or NO).
#atm_arpserver_atm0="0x47.0005.80.999999.9999.9999.9999.999999999999.00" # ATMARP server address (or local).
#atm_scsparp_atm0="NO" # Run SCSP/ATMARP on network interface (or NO).
atm_pvcs="" # Set to PVC list (or leave empty).
atm_arps="" # Set to permanent ARP list (or leave empty).
### ISDN interface options: (see also: /usr/share/examples/isdn) ###
isdn_enable="NO" # Enable the ISDN subsystem (or NO).
isdn_fsdev="NO" # Output device for fullscreen mode (or NO for daemon mode).
isdn_flags="-dn -d0x1f9" # Flags for isdnd
isdn_ttype="cons25" # terminal type for fullscreen mode
isdn_screenflags="NO" # screenflags for ${isdn_fsdev}
isdn_trace="NO" # Enable the ISDN trace subsystem (or NO).
isdn_traceflags="-f /var/tmp/isdntrace0" # Flags for isdntrace
### Bluetooth ###
hcsecd_enable="NO" # Enable hcsecd(8) (or NO)
hcsecd_config="/etc/bluetooth/hcsecd.conf" # hcsecd(8) configuration file
sdpd_enable="NO" # Enable sdpd(8) (or NO)
sdpd_control="/var/run/sdp" # sdpd(8) control socket
sdpd_groupname="nobody" # set spdp(8) user/group to run as after
sdpd_username="nobody" # it initializes
bthidd_enable="NO" # Enable bthidd(8) (or NO)
bthidd_config="/etc/bluetooth/bthidd.conf" # bthidd(8) configuration file
bthidd_hids="/var/db/bthidd.hids" # bthidd(8) known HID devices file
### Miscellaneous network options: ###
icmp_bmcastecho="NO" # respond to broadcast ping packets
### IPv6 options: ###
ipv6_enable="NO" # Set to YES to set up for IPv6.
ipv6_network_interfaces="auto" # List of network interfaces (or "auto").
ipv6_defaultrouter="NO" # Set to IPv6 default gateway (or NO).
#ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068)
ipv6_static_routes="" # Set to static route list (or leave empty).
#ipv6_static_routes="xxx" # An example to set fec0:0000:0000:0006::/64
# route toward loopback interface.
#ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1"
ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway.
ipv6_router_enable="NO" # Set to YES to enable an IPv6 routing daemon.
ipv6_router="/usr/sbin/route6d" # Name of IPv6 routing daemon.
ipv6_router_flags="" # Flags to IPv6 routing daemon.
#ipv6_router_flags="-l" # Example for route6d with only IPv6 site local
# addrs.
#ipv6_router_flags="-q" # If you want to run a routing daemon on an end
# node, you should stop advertisement.
#ipv6_network_interfaces="ed0 ep0" # Examples for router
# or static configuration for end node.
# Choose correct prefix value.
#ipv6_prefix_ed0="fec0:0000:0000:0001 fec0:0000:0000:0002" # Examples for rtr.
#ipv6_prefix_ep0="fec0:0000:0000:0003 fec0:0000:0000:0004" # Examples for rtr.
#ipv6_ifconfig_ed0="fec0:0:0:5::1 prefixlen 64" # Sample manual assign entry
#ipv6_ifconfig_ed0_alias0="fec0:0:0:5::2 prefixlen 64" # Sample alias entry.
ipv6_default_interface="NO" # Default output interface for scoped addrs.
# Now this works only for IPv6 link local
# multicast addrs.
rtsol_flags="" # Flags to IPv6 router solicitation.
rtadvd_enable="NO" # Set to YES to enable an IPv6 router
# advertisement daemon. If set to YES,
# this router becomes a possible candidate
# IPv6 default router for local subnets.
rtadvd_interfaces="" # Interfaces rtadvd sends RA packets.
mroute6d_enable="NO" # Do IPv6 multicast routing.
mroute6d_program="/usr/local/sbin/pim6dd" # Name of IPv6 multicast
# routing daemon. You need to
# install it from package or
# port.
mroute6d_flags="" # Flags to IPv6 multicast routing daemon.
stf_interface_ipv4addr="" # Local IPv4 addr for 6to4 IPv6 over IPv4
# tunneling interface. Specify this entry
# to enable 6to4 interface.
stf_interface_ipv4plen="0" # Prefix length for 6to4 IPv4 addr,
# to limit peer addr range. Effective value
# is 0-31.
stf_interface_ipv6_ifid="0:0:0:1" # IPv6 interface id for stf0.
# If you like, you can set "AUTO" for this.
stf_interface_ipv6_slaid="0000" # IPv6 Site Level Aggregator for stf0
ipv6_faith_prefix="NO" # Set faith prefix to enable a FAITH
# IPv6-to-IPv4 TCP translator. You also need
# faithd(8) setup.
ipv6_ipv4mapping="NO" # Set to "YES" to enable IPv4 mapped IPv6 addr
# communication. (like ::ffff:a.b.c.d)
ipv6_firewall_enable="NO" # Set to YES to enable IPv6 firewall
# functionality
ipv6_firewall_script="/etc/rc.firewall6" # Which script to run to set up the IPv6 firewall
ipv6_firewall_type="UNKNOWN" # IPv6 Firewall type (see /etc/rc.firewall6)
ipv6_firewall_quiet="NO" # Set to YES to suppress rule display
ipv6_firewall_logging="NO" # Set to YES to enable events logging
ipv6_firewall_flags="" # Flags passed to ip6fw when type is a file
ipv6_ipfilter_rules="/etc/ipf6.rules" # rules definition file for ipfilter,
# see /usr/src/contrib/ipfilter/rules
# for examples
ip6addrctl_enable="YES" # Set to YES to enable default address selection
ip6addrctl_verbose="NO" # Set to YES to enable verbose configuration messages
##############################################################
### System console options #################################
##############################################################
keyboard="" # keyboard device to use (default /dev/kbd0).
keymap="NO" # keymap in /usr/share/syscons/keymaps/* (or NO).
keyrate="NO" # keyboard rate to: slow, normal, fast (or NO).
keybell="NO" # See kbdcontrol(1) for options. Use "off" to disable.
keychange="NO" # function keys default values (or NO).
cursor="NO" # cursor type {normal|blink|destructive} (or NO).
scrnmap="NO" # screen map in /usr/share/syscons/scrnmaps/* (or NO).
font8x16="NO" # font 8x16 from /usr/share/syscons/fonts/* (or NO).
font8x14="NO" # font 8x14 from /usr/share/syscons/fonts/* (or NO).
font8x8="NO" # font 8x8 from /usr/share/syscons/fonts/* (or NO).
blanktime="300" # blank time (in seconds) or "NO" to turn it off.
saver="NO" # screen saver: Uses /boot/kernel/${saver}_saver.ko
moused_nondefault_enable="YES" # Treat non-default mice as enabled unless
# specifically overriden in rc.conf(5).
moused_enable="NO" # Run the mouse daemon.
moused_type="auto" # See man page for rc.conf(5) for available settings.
moused_port="/dev/psm0" # Set to your mouse port.
moused_flags="" # Any additional flags to moused.
mousechar_start="NO" # if 0xd0-0xd3 default range is occupied in your
# language code table, specify alternative range
# start like mousechar_start=3, see vidcontrol(1)
allscreens_flags="" # Set this vidcontrol mode for all virtual screens
allscreens_kbdflags="" # Set this kbdcontrol mode for all virtual screens
##############################################################
### pcvt console driver options ############################
##############################################################
pcvt_verbose="NO" # set to YES to enable verbose configuration messages
pcvt_keymap="NO" # keyboard map in /usr/share/misc/keycap.pcvt (or NO).
pcvt_keydel="NO" # key repeat delay, 0-3 (250,500,750,1000 msec) (or NO).
pcvt_keyrate="NO" # keyboard repetition rate 31-0 (2-30 char/sec) (or NO).
pcvt_keyrepeat="NO" # keyboard repeat ON or OFF (or NO).
pcvt_force24="NO" # force a 24 line display (when 25 possible) (or NO).
pcvt_hpext="NO" # use HP extensions (function keys labels) (or NO).
pcvt_lines="NO" # lines (25, 28, 40, 50 or NO).
pcvt_blanktime="NO" # blank time (in seconds) (or NO).
pcvt_cursorh="NO" # cursor top scanline (topmost line is 0) (or NO).
pcvt_cursorl="NO" # cursor low scanline (bottom line is 16) (or NO).
pcvt_monohigh="NO" # set intensity to high on monochrome monitors (or NO).
##############################################################
### Mail Transfer Agent (MTA) options ######################
##############################################################
mta_start_script="/etc/rc.sendmail"
# Script to start your chosen MTA, called by /etc/rc.
# Settings for /etc/rc.sendmail and /etc/rc.d/sendmail:
sendmail_enable="NO" # Run the sendmail inbound daemon (YES/NO).
sendmail_pidfile="/var/run/sendmail.pid" # sendmail pid file
sendmail_procname="/usr/sbin/sendmail" # sendmail process name
sendmail_flags="-L sm-mta -bd -q30m" # Flags to sendmail (as a server)
sendmail_submit_enable="YES" # Start a localhost-only MTA for mail submission
sendmail_submit_flags="-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost"
# Flags for localhost-only MTA
sendmail_outbound_enable="YES" # Dequeue stuck mail (YES/NO).
sendmail_outbound_flags="-L sm-queue -q30m" # Flags to sendmail (outbound only)
sendmail_msp_queue_enable="YES" # Dequeue stuck clientmqueue mail (YES/NO).
sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q30m"
# Flags for sendmail_msp_queue daemon.
sendmail_rebuild_aliases="YES" # Run newaliases if necessary (YES/NO).
##############################################################
### Miscellaneous administrative options ###################
##############################################################
auditd_enable="NO" # Run the audit daemon.
auditd_flags="" # Which options to pass to the audit daemon.
cron_enable="YES" # Run the periodic job daemon.
cron_program="/usr/sbin/cron" # Which cron executable to run (if enabled).
cron_dst="YES" # Handle DST transitions intelligently (YES/NO)
cron_flags="" # Which options to pass to the cron daemon.
lpd_enable="NO" # Run the line printer daemon.
lpd_program="/usr/sbin/lpd" # path to lpd, if you want a different one.
lpd_flags="" # Flags to lpd (if enabled).
chkprintcap_enable="NO" # Run chkprintcap(8) before running lpd.
chkprintcap_flags="-d" # Create missing directories by default.
usbd_enable="NO" # Run the usbd daemon.
usbd_flags="" # Flags to usbd (if enabled).
dumpdev="NO" # Device to crashdump to (device name, AUTO, or NO).
dumpdir="/var/crash" # Directory where crash dumps are to be stored
savecore_flags="" # Used if dumpdev is enabled above, and present.
enable_quotas="NO" # turn on quotas on startup (or NO).
check_quotas="YES" # Check quotas on startup (or NO).
accounting_enable="NO" # Turn on process accounting (or NO).
ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO).
ibcs2_loaders="coff" # List of additional Ibcs2 loaders (or NO).
# Emulation/compatibility services provided by /etc/rc.d/abi
sysvipc_enable="NO" # Load System V IPC primitives at startup (or NO).
linux_enable="NO" # Linux binary compatibility loaded at startup (or NO).
svr4_enable="NO" # SysVR4 emulation loaded at startup (or NO).
osf1_enable="NO" # Alpha OSF/1 emulation loaded at startup (or NO).
clear_tmp_enable="NO" # Clear /tmp at startup.
clear_tmp_X="YES" # Clear and recreate X11-related directories in /tmp
ldconfig_insecure="NO" # Set to YES to disable ldconfig security checks
ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib /usr/local/lib/compat/pkg"
# shared library search paths
ldconfig32_paths="/usr/lib32" # 32-bit compatibility shared library search paths
ldconfig_paths_aout="/usr/lib/compat/aout /usr/X11R6/lib/aout /usr/local/lib/aout"
# a.out shared library search paths
ldconfig_local_dirs="/usr/local/libdata/ldconfig /usr/X11R6/libdata/ldconfig"
# Local directories with ldconfig configuration files.
ldconfig_local32_dirs="/usr/local/libdata/ldconfig32 /usr/X11R6/libdata/ldconfig32"
# Local directories with 32-bit compatibility ldconfig
# configuration files.
kern_securelevel_enable="NO" # kernel security level (see init(8)),
kern_securelevel="-1" # range: -1..3 ; `-1' is the most insecure
# Note that setting securelevel to 0 will result
# in the system booting with securelevel set to 1, as
# init(8) will raise the level when rc(8) completes.
update_motd="YES" # update version info in /etc/motd (or NO)
unaligned_print="YES" # print unaligned access warnings on the alpha (or NO).
entropy_file="/entropy" # Set to NO to disable caching entropy through reboots.
# /var/db/entropy-file is preferred if / is not avail.
entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
entropy_save_sz="2048" # Size of the entropy cache files.
entropy_save_num="8" # Number of entropy cache files to save.
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
harvest_ethernet="YES" # Entropy device harvests ethernet randomness
harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness
dmesg_enable="YES" # Save dmesg(8) to /var/run/dmesg.boot
watchdogd_enable="NO" # Start the software watchdog daemon
devfs_rulesets="/etc/defaults/devfs.rules /etc/devfs.rules" # Files containing
# devfs(8) rules.
devfs_system_ruleset="" # The name (NOT number) of a ruleset to apply to /dev
devfs_set_rulesets="" # A list of /mount/dev=ruleset_name settings to
# apply (must be mounted already, i.e. fstab(5))
performance_cx_lowest="HIGH" # Online CPU idle state
performance_cpu_freq="NONE" # Online CPU frequency
economy_cx_lowest="HIGH" # Offline CPU idle state
economy_cpu_freq="NONE" # Offline CPU frequency
virecover_enable="YES" # Perform housekeeping for the vi(1) editor
ugidfw_enable="NO" # Load mac_bsdextended(4) rules on boot
bsdextended_script="/etc/rc.bsdextended" # Default mac_bsdextended(4)
# ruleset file.
newsyslog_enable="YES" # Run newsyslog at startup.
newsyslog_flags="-CN" # Newsyslog flags to create marked files
mixer_enable="YES" # Run the sound mixer.
##############################################################
### Jail Configuration #######################################
##############################################################
jail_enable="NO" # Set to NO to disable starting of any jails
jail_list="" # Space separated list of names of jails
jail_set_hostname_allow="YES" # Allow root user in a jail to change its hostname
jail_socket_unixiproute_only="YES" # Route only TCP/IP within a jail
jail_sysvipc_allow="NO" # Allow SystemV IPC use from within a jail
#
# To use rc's built-in jail infrastructure create entries for
# each jail, specified in jail_list, with the following variables.
# NOTES:
# - replace 'example' with the jail's name.
# - except rootdir, hostname and ip, all of the following variables may be made
# global jail variables if you don't specify a jail name (ie. jail_interface).
#
#jail_example_rootdir="/usr/jail/default" # Jail's root directory
#jail_example_hostname="default.domain.com" # Jail's hostname
#jail_example_ip="192.168.0.10" # Jail's IP number
#jail_example_interface="" # Interface to create the IP alias on
#jail_example_exec_start="/bin/sh /etc/rc" # command to execute in jail for starting
#jail_example_exec_stop="/bin/sh /etc/rc.shutdown" # command to execute in jail for stopping
#jail_example_devfs_enable="NO" # mount devfs in the jail
#jail_example_fdescfs_enable="NO" # mount fdescfs in the jail
#jail_example_procfs_enable="NO" # mount procfs in jail
#jail_example_mount_enable="NO" # mount/umount jail's fs
#jail_example_devfs_ruleset="ruleset_name" # devfs ruleset to apply to jail
#jail_example_fstab="" # fstab(5) for mount/umount
#jail_example_flags="-l -U root" # flags for jail(8)
##############################################################
### Define source_rc_confs, the mechanism used by /etc/rc.* ##
### scripts to source rc_conf_files overrides safely. ##
##############################################################
if [ -z "${source_rc_confs_defined}" ]; then
source_rc_confs_defined=yes
source_rc_confs () {
local i sourced_files
for i in ${rc_conf_files}; do
case ${sourced_files} in
*:$i:*)
;;
*)
sourced_files="${sourced_files}:$i:"
if [ -r $i ]; then
. $i
fi
;;
esac
done
}
fi
1. GC the nfslocking script, which has been superseded by lockd and statd
2. Add security warning to rc.d/jail
3. Add stop_cmd=':' to those rc.d scripts that do not start services,
but did not already have a stop_cmd.
Rev. 1.6 made it impossible to use rc.d/kerberos with the krb5 port.
Re-implement the change so that the script once again works with
the krb5 port.
Submitted by: kensmith (slightly modified)
the rejected mail reports to tally the rejects per blacklist without
providing details about individual sender hosts. The default configuration
keeps the reports in their original form.
Teach /etc/rc.d/ppp to start multiple instances of ppp.
ppp_profile variable can now contain multiple profiles.
Overrides for ppp mode and nat can go into ppp_$profile_mode
and ppp_$profile_nat variables respectively. If those are
not specified, defaults from ppp_mode and ppp_nat are used.
MFC: etc/rc.d/ppp v1.15
Teach /etc/rc.d/ppp how to start/stop individual instances
of ppp. This is an extension of previous commit.
Submitted by: Yuri Kurenkov < y dot kurenkov at init dot ru >
Reviewed by: mtm
Approved by: re (kensmith)
1. Determine the location of the rndc* binaries relative to $command
2. Make the stop routine work more like rc.subr's, but try rndc first
3. Allow the rndc.key file to be owned by root OR the named_uid user
revision 1.6
date: 2007/05/17 11:33:08; author: mtm; state: Exp; lines: +3 -3
o Use the --detach option to kdc(8) instead of using the shell
background operator '&'.
PR: conf/102722
o No need to include $kerberos5_server_flags in $command_args as
rc.subr(8) will take care of this.
revision 1.7
Partial backout of rev. 1.6, but instead of putting kerberos5_server_flags
back in command_args, put it where rc.subr(8) expects it: kerberos5_flags.
Eliminate global symbols starting with an underscore from rc.d
scripts, except for mdconfig* and jail. Such symbols are reserved
for the rc.subr internals. Most scripts can be fixed by just
declaring _foo symbols as local: few scripts actually need them to
be global.
