Editing
FreeBSD Reference
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
= /etc/rc.conf = We will start with some basic FreeBSD essentials that you must be aware of. First off, the absolute most important file on any of our FreeBSD systems is /etc/rc.conf This is the main startup configuration file for all FreeBSD systems. Not only does it contain startup directives that direct the start process to fire off certain processes, but it also contains the hostname, Ip address, default gateway and all additional IP aliases for the FreeBSD system. Note that it does not contain the nameservers - those are in /etc/resolv.conf, just like any other UNIX OS. So, lets take a look at a production machine, jail9 in this case, and its /etc/rc.conf: <pre>hostname="jail9.johncompanies.com" kern_securelevel_enable="NO" nfs_reserved_port_only="YES" sendmail_enable="NO" sshd_enable="YES" syslogd_flags="-ss" portmap_enable="NO" rand_irqs="9 10 11 13 14" inetd_enable="YES" inetd_flags="-Ww -a 10.1.4.109" defaultrouter="69.55.237.1" nfs_client_enable="YES" nfs_client_flags="-n 4" ifconfig_fxp1="10.1.4.109 netmask 255.255.255.0" static_routes="t1 office" route_t1="-net 10.1.5 10.1.4.2" route_office="-net 10.1.6 10.1.4.2" ifconfig_fxp0="inet 69.55.237.129 netmask 255.255.255.0" ifconfig_fxp0_alias0="inet 198.78.65.130 netmask 255.255.255.0" ifconfig_fxp0_alias1="inet 198.78.65.131 netmask 255.255.255.255" ifconfig_fxp0_alias2="inet 198.78.65.132 netmask 255.255.255.255" ifconfig_fxp0_alias3="inet 198.78.65.133 netmask 255.255.255.255" ifconfig_fxp0_alias4="inet 198.78.65.134 netmask 255.255.255.255" ifconfig_fxp0_alias5="inet 198.78.65.189 netmask 255.255.255.255" ifconfig_fxp0_alias6="inet 198.78.65.136 netmask 255.255.255.255" ifconfig_fxp0_alias7="inet 198.78.66.222 netmask 255.255.255.0" ifconfig_fxp0_alias8="inet 198.78.65.138 netmask 255.255.255.255" ifconfig_fxp0_alias9="inet 198.78.65.139 netmask 255.255.255.255" ifconfig_fxp0_alias10="inet 198.78.65.140 netmask 255.255.255.255" ifconfig_fxp0_alias11="inet 198.78.65.141 netmask 255.255.255.255" ifconfig_fxp0_alias12="inet 198.78.65.142 netmask 255.255.255.255" ifconfig_fxp0_alias13="inet 198.78.65.143 netmask 255.255.255.255" ifconfig_fxp0_alias14="inet 198.78.65.144 netmask 255.255.255.255" ifconfig_fxp0_alias15="inet 198.78.65.145 netmask 255.255.255.255" ifconfig_fxp0_alias16="inet 198.78.65.146 netmask 255.255.255.255" ifconfig_fxp0_alias17="inet 198.78.65.147 netmask 255.255.255.255" ifconfig_fxp0_alias18="inet 198.78.65.148 netmask 255.255.255.255" ifconfig_fxp0_alias19="inet 198.78.65.149 netmask 255.255.255.255" ifconfig_fxp0_alias20="inet 198.78.65.150 netmask 255.255.255.255" ifconfig_fxp0_alias21="inet 198.78.65.151 netmask 255.255.255.255" ifconfig_fxp0_alias22="inet 198.78.65.160 netmask 255.255.255.255" ifconfig_fxp0_alias23="inet 198.78.65.153 netmask 255.255.255.255" ifconfig_fxp0_alias24="inet 198.78.65.159 netmask 255.255.255.255" ifconfig_fxp0_alias25="inet 198.78.65.155 netmask 255.255.255.255" ifconfig_fxp0_alias26="inet 198.78.65.156 netmask 255.255.255.255" ifconfig_fxp0_alias27="inet 198.78.65.157 netmask 255.255.255.255" ifconfig_fxp0_alias28="inet 198.78.65.158 netmask 255.255.255.255" ifconfig_fxp0_alias29="inet 69.55.237.148 netmask 255.255.255.255" ifconfig_fxp0_alias30="inet 69.55.237.139 netmask 255.255.255.255" ifconfig_fxp0_alias31="inet 69.55.237.145 netmask 255.255.255.255" ifconfig_fxp0_alias32="inet 69.55.237.158 netmask 255.255.255.255" ifconfig_fxp0_alias33="inet 69.55.237.146 netmask 255.255.255.255" ifconfig_fxp0_alias34="inet 69.55.237.153 netmask 255.255.255.255" ifconfig_fxp0_alias35="inet 69.55.237.133 netmask 255.255.255.255" ifconfig_fxp0_alias36="inet 69.55.237.157 netmask 255.255.255.255" ifconfig_fxp0_alias37="inet 69.55.238.222 netmask 255.255.255.0" ifconfig_fxp0_alias38="inet 69.55.237.160 netmask 255.255.255.255" ifconfig_fxp0_alias39="inet 69.55.239.149 netmask 255.255.255.0"</pre> Ok, let's first look at the first section: <pre>hostname="jail9.johncompanies.com" kern_securelevel_enable="NO" nfs_reserved_port_only="YES" sendmail_enable="NO" sshd_enable="YES" syslogd_flags="-ss" portmap_enable="NO" rand_irqs="9 10 11 13 14" inetd_enable="YES" inetd_flags="-Ww -a 10.1.4.109" defaultrouter="69.55.237.1" nfs_client_enable="YES" nfs_client_flags="-n 4"</pre> we see that the hostname is set. We also see items like: <pre>kern_securelevel_enable="NO" nfs_reserved_port_only="YES"</pre> These are simply security settings that do not affect anything you will be dealing with. Lines like this, though: <pre>sendmail_enable="NO" sshd_enable="YES" syslogd_flags="-ss"</pre> are marginally important. Obviously we want sshd to start on jail9, and further, we have no need to run sendmail, so that is set to NO. Also, since there are multiple IPs on the system, we tell syslog that it should not answer remote queries - so we set a directive to pass -ss along to syslog when it is started at boot time. These two lines make sure that inetd is only running on the private network. <pre>inetd_enable="YES" inetd_flags="-Ww -a 10.1.4.109"</pre> The only service that inetd is running is the one that lets us collect load average data. <tt>defaultrouter="69.55.237.1"</tt> is self-explanatory. So, a few notes. First, on an existing FreeBSD machine, there is really no reason to ever edit any of the lines in this first section of /etc/rc.conf. Several of the machines running were loaded over 1.5 years ago, and I have not changed the first section of their /etc/rc.conf at all. Second, the syntax of these items is very important - a missing " or a space between the directive and the = sign or the = sign and the value will cause failure. The following two examples will not work: <pre>sendmail_enable=NO sendmail_enable = "NO"</pre> However, take a look at the next section, abbreviated for simplicity: <pre>ifconfig_fxp0="inet 69.55.237.129 netmask 255.255.255.0" ifconfig_fxp0_alias0="inet 198.78.65.130 netmask 255.255.255.0" ifconfig_fxp0_alias1="inet 198.78.65.131 netmask 255.255.255.255" ifconfig_fxp0_alias2="inet 198.78.65.132 netmask 255.255.255.255" ifconfig_fxp0_alias3="inet 198.78.65.133 netmask 255.255.255.255" ifconfig_fxp0_alias4="inet 198.78.65.134 netmask 255.255.255.255" ifconfig_fxp0_alias5="inet 198.78.65.189 netmask 255.255.255.255" ifconfig_fxp0_alias6="inet 198.78.65.136 netmask 255.255.255.255" ifconfig_fxp0_alias7="inet 198.78.66.222 netmask 255.255.255.0"</pre> First off, we configure the main IP of the system, and that line starts with: ifconfig_fxp0= The rest is self-explanatary, however it should be noted that the word "inet" does indeed need to exist in that string. All additional IPs are added as aliases, starting with #0: ifconfig_fxp0_alias0="inet 198.78.65.130 netmask 255.255.255.0" Note that the syntax is identical, except for the addition of the _alias0 at the end of ifconfig_fxp0. A very important note is that the '''alias numbers need to be exactly in order, and ascend number by number starting with #0'''. For example, if you had the following block: <pre>ifconfig_fxp0_alias0="inet 198.78.65.130 netmask 255.255.255.0" ifconfig_fxp0_alias1="inet 198.78.65.131 netmask 255.255.255.255" ifconfig_fxp0_alias2="inet 198.78.65.132 netmask 255.255.255.255" ifconfig_fxp0_alias5="inet 198.78.65.133 netmask 255.255.255.255" ifconfig_fxp0_alias6="inet 198.78.65.134 netmask 255.255.255.255" ifconfig_fxp0_alias7="inet 198.78.65.189 netmask 255.255.255.255" ifconfig_fxp0_alias8="inet 198.78.65.136 netmask 255.255.255.255" ifconfig_fxp0_alias9="inet 198.78.66.222 netmask 255.255.255.0"</pre> See how it skips from alias1 to alias5 ? If this were in /etc/rc.conf, only alias 0 and 1 would be configured - the rest would be ignored. Finally, note that the first address to be configured from a subnet receives its actual netmask - in this case, 255.255.255.0. However, all additional IPs configured in that subnet receive a subnet mask of 255.255.255.255. In the abbreviated example above, note how line #8 has a 255.255.255.0 subnet mask ? That is because that ifconfig line, alias #9, is the first time an IP from 198.78.66.xxx has been used - all the others were from 198.78.65.xxx.
Summary:
Please note that all contributions to JCWiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
JCWiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information