ccc7e59e1f
connections to be logged.
924 lines
31 KiB
Groff
924 lines
31 KiB
Groff
.\" $NetBSD: sysctl.3,v 1.35 1999/05/23 20:33:51 ad Exp $
|
|
.\"
|
|
.\" Copyright (c) 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95
|
|
.\"
|
|
.Dd May 9, 1995
|
|
.Dt SYSCTL 3
|
|
.Os
|
|
.Sh NAME
|
|
.Nm sysctl
|
|
.Nd get or set system information
|
|
.Sh LIBRARY
|
|
.Lb libc
|
|
.Sh SYNOPSIS
|
|
.Fd #include <sys/param.h>
|
|
.Fd #include <sys/sysctl.h>
|
|
.Ft int
|
|
.Fn sysctl "int *name" "u_int namelen" "void *oldp" "size_t *oldlenp" "void *newp" "size_t newlen"
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm
|
|
function retrieves system information and allows processes with
|
|
appropriate privileges to set system information.
|
|
The information available from
|
|
.Nm
|
|
consists of integers, strings, and tables.
|
|
Information may be retrieved and set from the command interface
|
|
using the
|
|
.Xr sysctl 8
|
|
utility.
|
|
.Pp
|
|
Unless explicitly noted below,
|
|
.Nm
|
|
returns a consistent snapshot of the data requested.
|
|
Consistency is obtained by locking the destination
|
|
buffer into memory so that the data may be copied out without blocking.
|
|
Calls to
|
|
.Nm
|
|
are serialized to avoid deadlock.
|
|
.Pp
|
|
The state is described using a ``Management Information Base'' (MIB)
|
|
style name, listed in
|
|
.Fa name ,
|
|
which is a
|
|
.Fa namelen
|
|
length array of integers.
|
|
.Pp
|
|
The information is copied into the buffer specified by
|
|
.Fa oldp .
|
|
The size of the buffer is given by the location specified by
|
|
.Fa oldlenp
|
|
before the call,
|
|
and that location gives the amount of data copied after a successful call.
|
|
If the amount of data available is greater
|
|
than the size of the buffer supplied,
|
|
the call supplies as much data as fits in the buffer provided
|
|
and returns with the error code ENOMEM.
|
|
If the old value is not desired,
|
|
.Fa oldp
|
|
and
|
|
.Fa oldlenp
|
|
should be set to NULL.
|
|
.Pp
|
|
The size of the available data can be determined by calling
|
|
.Nm
|
|
with a NULL parameter for
|
|
.Fa oldp .
|
|
The size of the available data will be returned in the location pointed to by
|
|
.Fa oldlenp .
|
|
For some operations, the amount of space may change often.
|
|
For these operations,
|
|
the system attempts to round up so that the returned size is
|
|
large enough for a call to return the data shortly thereafter.
|
|
.Pp
|
|
To set a new value,
|
|
.Fa newp
|
|
is set to point to a buffer of length
|
|
.Fa newlen
|
|
from which the requested value is to be taken.
|
|
If a new value is not to be set,
|
|
.Fa newp
|
|
should be set to NULL and
|
|
.Fa newlen
|
|
set to 0.
|
|
.Pp
|
|
The top level names are defined with a CTL_ prefix in
|
|
.Pa <sys/sysctl.h> ,
|
|
and are as follows.
|
|
The next and subsequent levels down are found in the include files
|
|
listed here, and described in separate sections below.
|
|
.Pp
|
|
.Bl -column CTLXMACHDEPXXX "Next level namesXXXXXX" -offset indent
|
|
.It Sy Pa Name Next level names Description
|
|
.It CTL\_DEBUG sys/sysctl.h Debugging
|
|
.It CTL\_VFS sys/mount.h Filesystem
|
|
.It CTL\_HW sys/sysctl.h Generic CPU, I/O
|
|
.It CTL\_KERN sys/sysctl.h High kernel limits
|
|
.It CTL\_MACHDEP sys/sysctl.h Machine dependent
|
|
.It CTL\_NET sys/socket.h Networking
|
|
.It CTL\_USER sys/sysctl.h User-level
|
|
.It CTL\_VM vm/vm_param.h Virtual memory
|
|
.El
|
|
.Pp
|
|
For example, the following retrieves the maximum number of processes allowed
|
|
in the system:
|
|
.Bd -literal -offset indent -compact
|
|
int mib[2], maxproc;
|
|
size_t len;
|
|
.sp
|
|
mib[0] = CTL_KERN;
|
|
mib[1] = KERN_MAXPROC;
|
|
len = sizeof(maxproc);
|
|
sysctl(mib, 2, &maxproc, &len, NULL, 0);
|
|
.Ed
|
|
.sp
|
|
To retrieve the standard search path for the system utilities:
|
|
.Bd -literal -offset indent -compact
|
|
int mib[2];
|
|
size_t len;
|
|
char *p;
|
|
.sp
|
|
mib[0] = CTL_USER;
|
|
mib[1] = USER_CS_PATH;
|
|
sysctl(mib, 2, NULL, &len, NULL, 0);
|
|
p = malloc(len);
|
|
sysctl(mib, 2, p, &len, NULL, 0);
|
|
.Ed
|
|
.Sh CTL_DEBUG
|
|
The debugging variables vary from system to system.
|
|
A debugging variable may be added or deleted without need to recompile
|
|
.Nm
|
|
to know about it.
|
|
Each time it runs,
|
|
.Nm
|
|
gets the list of debugging variables from the kernel and
|
|
displays their current values.
|
|
The system defines twenty
|
|
.Ns ( Va struct ctldebug )
|
|
variables named
|
|
.Dv debug0
|
|
through
|
|
.Dv debug19 .
|
|
They are declared as separate variables so that they can be
|
|
individually initialized at the location of their associated variable.
|
|
The loader prevents multiple use of the same variable by issuing errors
|
|
if a variable is initialized in more than one place.
|
|
For example, to export the variable
|
|
.Dv dospecialcheck
|
|
as a debugging variable, the following declaration would be used:
|
|
.Bd -literal -offset indent -compact
|
|
int dospecialcheck = 1;
|
|
struct ctldebug debug5 = { "dospecialcheck", &dospecialcheck };
|
|
.Ed
|
|
.Sh CTL_VFS
|
|
A distinguished second level name, VFS_GENERIC,
|
|
is used to get general information about all filesystems.
|
|
One of its third level identifiers is VFS_MAXTYPENUM
|
|
that gives the highest valid filesystem type number.
|
|
Its other third level identifier is VFS_CONF that
|
|
returns configuration information about the filesystem
|
|
type given as a fourth level identifier (see
|
|
.Xr getvfsbyname 3
|
|
as an example of its use).
|
|
The remaining second level identifiers are the
|
|
filesystem type number returned by a
|
|
.Xr statfs 2
|
|
call or from VFS_CONF.
|
|
The third level identifiers available for each filesystem
|
|
are given in the header file that defines the mount
|
|
argument structure for that filesystem.
|
|
.Sh CTL_HW
|
|
The string and integer information available for the CTL_HW level
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "Second level nameXXXXXX" integerXXX -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It HW\_MACHINE string no
|
|
.It HW\_MODEL string no
|
|
.It HW\_NCPU integer no
|
|
.It HW\_BYTEORDER integer no
|
|
.It HW\_PHYSMEM integer no
|
|
.It HW\_USERMEM integer no
|
|
.It HW\_PAGESIZE integer no
|
|
.It HW\_MACHINE\_ARCH string no
|
|
.\".It HW\_DISKNAMES integer no
|
|
.\".It HW\_DISKSTATS integer no
|
|
.El
|
|
.Pp
|
|
.Bl -tag -width "123456"
|
|
.It Li HW_MACHINE
|
|
The machine class.
|
|
.It Li HW_MODEL
|
|
The machine model
|
|
.It Li HW_NCPU
|
|
The number of cpus.
|
|
.ne 1i
|
|
.It Li HW_BYTEORDER
|
|
The byteorder (4,321, or 1,234).
|
|
.It Li HW_PHYSMEM
|
|
The bytes of physical memory.
|
|
.It Li HW_USERMEM
|
|
The bytes of non-kernel memory.
|
|
.It Li HW_PAGESIZE
|
|
The software page size.
|
|
.It Li HW_MACHINE_ARCH
|
|
The machine cpu class.
|
|
.\".It Fa HW_DISKNAMES
|
|
.\".It Fa HW_DISKSTATS
|
|
.El
|
|
.Sh CTL_KERN
|
|
The string and integer information available for the CTL_KERN level
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
The types of data currently available are process information,
|
|
system vnodes, the open file entries, routing table entries,
|
|
virtual memory statistics, load average history, and clock rate
|
|
information.
|
|
.Bl -column "KERNXCHOWNXRESTRICTEDXXX" "struct clockrateXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It KERN\_ARGMAX integer no
|
|
.It KERN\_AUTONICETIME integer yes
|
|
.It KERN\_AUTONICEVAL integer yes
|
|
.It KERN\_BOOTTIME struct timeval no
|
|
.It KERN\_CHOWN\_RESTRICTED integer no
|
|
.It KERN\_CLOCKRATE struct clockinfo no
|
|
.It KERN\_DOMAINNAME string yes
|
|
.It KERN\_FILE struct file no
|
|
.It KERN\_FSYNC integer no
|
|
.It KERN\_HOSTID integer yes
|
|
.It KERN\_HOSTNAME string yes
|
|
.It KERN\_IOV\_MAX integer no
|
|
.It KERN\_JOB\_CONTROL integer no
|
|
.It KERN\_LINK\_MAX integer no
|
|
.It KERN\_MAXFILES integer yes
|
|
.It KERN\_MAXPARTITIONS integer no
|
|
.It KERN\_MAXPROC integer yes
|
|
.It KERN\_MAXVNODES integer yes
|
|
.It KERN\_MAX\_CANON integer no
|
|
.It KERN\_MAX\_INPUT integer no
|
|
.It KERN\_MSGBUFSIZE integer no
|
|
.It KERN\_NAME\_MAX integer no
|
|
.It KERN\_NGROUPS integer no
|
|
.It KERN\_NO\_TRUNC integer no
|
|
.It KERN\_OSRELEASE string no
|
|
.It KERN\_OSREV integer no
|
|
.It KERN\_OSTYPE string no
|
|
.It KERN\_PATH\_MAX integer no
|
|
.It KERN\_PIPE\_BUF integer no
|
|
.It KERN\_POSIX1 integer no
|
|
.It KERN\_PROC struct proc no
|
|
.It KERN\_PROF node not applicable
|
|
.It KERN\_RAWPARTITION integer no
|
|
.It KERN\_SAVED\_IDS integer no
|
|
.It KERN\_SECURELVL integer raise only
|
|
.It KERN\_SHORTCORENAME integer yes
|
|
.It KERN\_SYNCHRONIZED\_IO integer no
|
|
.It KERN\_SYSVMSG integer no
|
|
.It KERN\_SYSVSEM integer no
|
|
.It KERN\_SYSVSHM integer no
|
|
.It KERN\_VDISABLE integer no
|
|
.It KERN\_VERSION string no
|
|
.It KERN\_VNODE struct vnode no
|
|
.El
|
|
.ne 1i
|
|
.Pp
|
|
.Bl -tag -width "123456"
|
|
.It Li KERN_ARGMAX
|
|
The maximum bytes of argument to
|
|
.Xr execve 2 .
|
|
.It Li KERN_AUTONICETIME
|
|
The number of seconds of cpu-time a non-root process may accumulate before
|
|
having its priority lowered from the default to the value of KERN_AUTONICEVAL.
|
|
If set to 0, automatic lowering of priority is not performed, and if set to -1
|
|
all non-root processes are immediately lowered.
|
|
.It Li KERN_AUTONICEVAL
|
|
The priority assigned for automatically niced processes.
|
|
.It Li KERN_BOOTTIME
|
|
A
|
|
.Va struct timeval
|
|
structure is returned.
|
|
This structure contains the time that the system was booted.
|
|
.It Li KERN_CHOWN_RESTRICTED
|
|
Return 1 if appropriate privileges are required for the
|
|
.Xr chown 2
|
|
system call, otherwise 0.
|
|
.It Li KERN_CLOCKRATE
|
|
A
|
|
.Va struct clockinfo
|
|
structure is returned.
|
|
This structure contains the clock, statistics clock and profiling clock
|
|
frequencies, the number of micro-seconds per hz tick, and the clock
|
|
skew rate.
|
|
.It Li KERN_DOMAINNAME
|
|
Get or set the YP domain name.
|
|
.It Li KERN_FILE
|
|
Return the entire file table.
|
|
The returned data consists of a single
|
|
.Va struct filehead
|
|
followed by an array of
|
|
.Va struct file ,
|
|
whose size depends on the current number of such objects in the system.
|
|
.It Li KERN_FSYNC
|
|
Return 1 if the POSIX 1003.1b File Synchronization Option is available
|
|
on this system,
|
|
otherwise 0.
|
|
.It Li KERN_HOSTID
|
|
Get or set the host id.
|
|
.It Li KERN_HOSTNAME
|
|
Get or set the hostname.
|
|
.It Li KERN_IOV_MAX
|
|
Return the maximum number of
|
|
.Va iovec
|
|
structures that a process has available for use with
|
|
.Xr preadv 2 ,
|
|
.Xr pwritev 2 ,
|
|
.Xr readv 2 ,
|
|
.Xr recvmsg 2 ,
|
|
.Xr sendmsg 2
|
|
and
|
|
.Xr writev 2 .
|
|
.It Li KERN_JOB_CONTROL
|
|
Return 1 if job control is available on this system, otherwise 0.
|
|
.It Li KERN_LINK_MAX
|
|
The maximum file link count.
|
|
.It Li KERN_MAXFILES
|
|
The maximum number of open files that may be open in the system.
|
|
.It Li KERN_MAXPARTITIONS
|
|
The maximum number of partitions allowed per disk.
|
|
.It Li KERN_MAXPROC
|
|
The maximum number of simultaneous processes the system will allow.
|
|
.It Li KERN_MAXVNODES
|
|
The maximum number of vnodes available on the system.
|
|
.It Li KERN_MAX_CANON
|
|
The maximum number of bytes in terminal canonical input line.
|
|
.It Li KERN_MAX_INPUT
|
|
The minimum maximum number of bytes for which space is available in
|
|
a terminal input queue.
|
|
.It Li KERN_MSGBUFSIZE
|
|
The maximum number of characters that the kernel message buffer can hold.
|
|
.It Li KERN_NAME_MAX
|
|
The maximum number of bytes in a file name.
|
|
.It Li KERN_NGROUPS
|
|
The maximum number of supplemental groups.
|
|
.It Li KERN_NO_TRUNC
|
|
Return 1 if file names longer than KERN_NAME_MAX are truncated.
|
|
.It Li KERN_OSRELEASE
|
|
The system release string.
|
|
.It Li KERN_OSREV
|
|
The system revision string.
|
|
.It Li KERN_OSTYPE
|
|
The system type string.
|
|
.It Li KERN_PATH_MAX
|
|
The maximum number of bytes in a pathname.
|
|
.It Li KERN_PIPE_BUF
|
|
The maximum number of bytes which will be written atomically to a pipe.
|
|
.It Li KERN_POSIX1
|
|
The version of ISO/IEC 9945 (POSIX 1003.1) with which the system
|
|
attempts to comply.
|
|
.It Li KERN_PROC
|
|
Return the entire process table, or a subset of it.
|
|
An array of
|
|
.Va struct kinfo_proc
|
|
structures is returned,
|
|
whose size depends on the current number of such objects in the system.
|
|
The third and fourth level names are as follows:
|
|
.Bl -column "Third level nameXXXXXX" "Fourth level is:XXXXXX" -offset indent
|
|
.It Pa Third level name Fourth level is:
|
|
.It KERN\_PROC\_ALL None
|
|
.It KERN\_PROC\_PID A process ID
|
|
.It KERN\_PROC\_PGRP A process group
|
|
.It KERN\_PROC\_TTY A tty device
|
|
.It KERN\_PROC\_UID A user ID
|
|
.It KERN\_PROC\_RUID A real user ID
|
|
.El
|
|
.It Li KERN_PROF
|
|
Return profiling information about the kernel.
|
|
If the kernel is not compiled for profiling,
|
|
attempts to retrieve any of the KERN_PROF values will
|
|
fail with EOPNOTSUPP.
|
|
The third level names for the string and integer profiling information
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "GPROFXGMONPARAMXXX" "struct gmonparamXXX" -offset indent
|
|
.It Sy Pa Third level name Type Changeable
|
|
.It GPROF\_STATE integer yes
|
|
.It GPROF\_COUNT u_short[\|] yes
|
|
.It GPROF\_FROMS u_short[\|] yes
|
|
.It GPROF\_TOS struct tostruct yes
|
|
.It GPROF\_GMONPARAM struct gmonparam no
|
|
.El
|
|
.Pp
|
|
The variables are as follows:
|
|
.Bl -tag -width "123456"
|
|
.It Li GPROF_STATE
|
|
Returns GMON_PROF_ON or GMON_PROF_OFF to show that profiling
|
|
is running or stopped.
|
|
.It Li GPROF_COUNT
|
|
Array of statistical program counter counts.
|
|
.It Li GPROF_FROMS
|
|
Array indexed by program counter of call-from points.
|
|
.It Li GPROF_TOS
|
|
Array of
|
|
.Va struct tostruct
|
|
describing destination of calls and their counts.
|
|
.It Li GPROF_GMONPARAM
|
|
Structure giving the sizes of the above arrays.
|
|
.El
|
|
.It Li KERN_RAWPARTITION
|
|
The raw partition of a disk (a == 0).
|
|
.It Li KERN_SAVED_IDS
|
|
Returns 1 if saved set-group and saved set-user ID is available.
|
|
.It Li KERN_SECURELVL
|
|
The system security level.
|
|
This level may be raised by processes with appropriate privilege.
|
|
It may only be lowered by process 1.
|
|
.It Li KERN_SHORTCORENAME
|
|
Whether core dumps are named
|
|
.Nm programname.core
|
|
(default, value 0) or
|
|
.Nm core
|
|
(value 1).
|
|
The default value can be changed to 1 with the kernel configuration option
|
|
.Cd options SHORTCORENAME
|
|
(see
|
|
.Xr options 4 ,
|
|
.Xr core 5 ).
|
|
.It Li KERN_SYNCHRONIZED_IO
|
|
Returns 1 if the POSIX 1003.1b Synchronized I/O Option is available
|
|
on this system,
|
|
otherwise 0.
|
|
.It Li KERN_SYSVMSG
|
|
Returns 1 if System V style message queue functionality is available
|
|
on this system,
|
|
otherwise 0.
|
|
.It Li KERN_SYSVSEM
|
|
Returns 1 if System V style semaphore functionality is available
|
|
on this system,
|
|
otherwise 0.
|
|
.It Li KERN_SYSVSHM
|
|
Returns 1 if System V style share memory functionality is available
|
|
on this system,
|
|
otherwise 0.
|
|
.It Li KERN_VDISABLE
|
|
Returns the terminal character disabling value.
|
|
.It Li KERN_VERSION
|
|
The system version string.
|
|
.It Li KERN_VNODE
|
|
Return the entire vnode table.
|
|
Note, the vnode table is not necessarily a consistent snapshot of
|
|
the system.
|
|
The returned data consists of an array whose size depends on the
|
|
current number of such objects in the system.
|
|
Each element of the array contains the kernel address of a vnode
|
|
.Va struct vnode *
|
|
followed by the vnode itself
|
|
.Va struct vnode .
|
|
.El
|
|
.Sh CTL_MACHDEP
|
|
The set of variables defined is architecture dependent.
|
|
Most architectures define at least the following variables.
|
|
.Bl -column "CONSOLE_DEVICEXXX" "integerXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It Li CPU_CONSDEV dev_t no
|
|
.El
|
|
.Sh CTL_NET
|
|
The string and integer information available for the CTL_NET level
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "Second level nameXXXXXX" "routing messagesXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It PF\_ROUTE routing messages no
|
|
.It PF\_INET internet values yes
|
|
.El
|
|
.Pp
|
|
.Bl -tag -width "123456"
|
|
.It Li PF_ROUTE
|
|
Return the entire routing table or a subset of it.
|
|
The data is returned as a sequence of routing messages (see
|
|
.Xr route 4
|
|
for the header file, format and meaning).
|
|
The length of each message is contained in the message header.
|
|
.Pp
|
|
The third level name is a protocol number, which is currently always 0.
|
|
The fourth level name is an address family, which may be set to 0 to
|
|
select all address families.
|
|
The fifth and sixth level names are as follows:
|
|
.Bl -column "Fifth level nameXXXXXX" "Sixth level is:XXX" -offset indent
|
|
.It Pa Fifth level name Sixth level is:
|
|
.It NET\_RT\_FLAGS rtflags
|
|
.It NET\_RT\_DUMP None
|
|
.It NET\_RT\_IFLIST None
|
|
.El
|
|
.It Li PF_INET
|
|
Get or set various global information about the internet protocols.
|
|
The third level name is the protocol.
|
|
The fourth level name is the variable name.
|
|
The currently defined protocols and names are:
|
|
.Bl -column "Protocol name" "Variable nameXX" "integer" "yes" -offset indent
|
|
.It Pa Protocol name Variable name Type Changeable
|
|
.It ip forwarding integer yes
|
|
.It ip redirect integer yes
|
|
.It ip ttl integer yes
|
|
.It ip forwsrcrt integer yes
|
|
.It ip directed-broadcast integer yes
|
|
.It ip allowsrcrt integer yes
|
|
.It ip subnetsarelocal integer yes
|
|
.It ip mtudisc integer yes
|
|
.It ip anonportmin integer yes
|
|
.It ip anonportmax integer yes
|
|
.It ip mtudisctimeout integer yes
|
|
.It icmp maskrepl integer yes
|
|
.It tcp rfc1323 integer yes
|
|
.It tcp sendspace integer yes
|
|
.It tcp recvspace integer yes
|
|
.It tcp mssdflt integer yes
|
|
.It tcp syn_cache_limit integer yes
|
|
.It tcp syn_bucket_limit integer yes
|
|
.It tcp syn_cache_interval integer yes
|
|
.It tcp init_win integer yes
|
|
.It tcp mss_ifmtu integer yes
|
|
.It tcp sack integer yes
|
|
.It tcp win_scale integer yes
|
|
.It tcp timestamps integer yes
|
|
.It tcp compat_42 integer yes
|
|
.It tcp cwm integer yes
|
|
.It tcp cwm_burstsize integer yes
|
|
.It tcp ack_on_push integer yes
|
|
.It tcp keepidle integer yes
|
|
.It tcp keepintvl integer yes
|
|
.It tcp keepcnt integer yes
|
|
.It tcp slowhz integer no
|
|
.It tcp newreno integer yes
|
|
.It tcp log_refused integer yes
|
|
.It udp checksum integer yes
|
|
.It udp sendspace integer yes
|
|
.It udp recvspace integer yes
|
|
.El
|
|
.Pp
|
|
The variables are as follows:
|
|
.Bl -tag -width "123456"
|
|
.It Li ip.forwarding
|
|
Returns 1 when IP forwarding is enabled for the host,
|
|
meaning that the host is acting as a router.
|
|
.It Li ip.redirect
|
|
Returns 1 when ICMP redirects may be sent by the host.
|
|
This option is ignored unless the host is routing IP packets,
|
|
and should normally be enabled on all systems.
|
|
.It Li ip.ttl
|
|
The maximum time-to-live (hop count) value for an IP packet sourced by
|
|
the system.
|
|
This value applies to normal transport protocols, not to ICMP.
|
|
.It Li ip.forwsrcrt
|
|
Returns 1 when forwarding of source-routed packets is enabled for
|
|
the host. This value may only be changed if the kernel security
|
|
level is less than 1.
|
|
.It Li ip.directed-broadcast
|
|
Returns 1 if directed broadcast behavior is enabled for the host.
|
|
.It Li ip.allowsrcrt
|
|
Returns 1 if the host accepts source routed packets.
|
|
.It Li ip.subnetsarelocal
|
|
Returns 1 if subnets are to be considered local addresses.
|
|
.It Li ip.mtudisc
|
|
Returns 1 if Path MTU Discovery is enabled.
|
|
.It Li ip.anonportmin
|
|
The lowest port number to use for TCP and UDP ephemeral port allocation.
|
|
This cannot be set to less that 1024 or greater than 65535.
|
|
.It Li ip.anonportmax
|
|
The highest port number to use for TCP and UDP ephemeral port allocation.
|
|
This cannot be set to less that 1024 or greater than 65535, and must
|
|
be greater than
|
|
.Li ip.anonportmin .
|
|
.It Li ip.mtudisctimeout
|
|
Returns the number of seconds in which a route added by the Path MTU
|
|
Discovery engine will time out. When the route times out, the Path
|
|
MTU Discovery engine will attempt to probe a larger path MTU.
|
|
.It Li icmp.maskrepl
|
|
Returns 1 if ICMP network mask requests are to be answered.
|
|
.It Li tcp.rfc1323
|
|
Returns 1 if RFC1323 extensions to TCP are enabled.
|
|
.It Li tcp.sendspace
|
|
Returns the default TCP send buffer size.
|
|
.It Li tcp.recvspace
|
|
Returns the default TCP receive buffer size.
|
|
.It Li tcp.mssdflt
|
|
Returns the default maximum segment size both advertsized to the peer
|
|
and to use when the peer does not advertize a maximum segment size to
|
|
us during connection setup. Do not change this value unless you really
|
|
know what you are doing.
|
|
.It Li tcp.syn_cache_limit
|
|
Returns the maximum number of entries allowed in the TCP compressed state
|
|
engine.
|
|
.It Li tcp.syn_bucket_limit
|
|
Returns the maximum number of entries allowed per hash bucket in the TCP
|
|
compressed state engine.
|
|
.It Li tcp.syn_cache_interval
|
|
Returns the TCP compressed state engine's timer interval.
|
|
.It Li tcp.init_win
|
|
Returns a value indicating the TCP initial congestion window. If this
|
|
value is 0, an auto-tuning algorithm designed to use an initial window
|
|
of approximately 4K bytes is in use. Otherwise, this value indicates
|
|
a fixed number of packets.
|
|
.It Li tcp.mss_ifmtu
|
|
Returns 1 if TCP calculates the outgoing maximum segment size based on
|
|
the MTU of the appropriate interface. Otherwise, it is calculated based on
|
|
the greater of the MTU of the interface, and the largest (non-loopback)
|
|
interface MTU on the system.
|
|
.It Li tcp.sack
|
|
Returns a value which determines the level of Selective Acknowledgement
|
|
supported by TCP. If 2, we will transmit and receive SACK options.
|
|
If 1, we will transmit SACK options, but ignore any SACK options received.
|
|
If 0, SACK is disabled.
|
|
.It Li tcp.win_scale
|
|
If rfc1323 is enabled, a value of 1 indicates RFC1323 window scale options,
|
|
for increasing the TCP window size, are enabled.
|
|
.It Li tcp.timestamps
|
|
If rfc1323 is enabled, a value of 1 indicates RFC1323 time stamp options,
|
|
used for measuring TCP round trip times, are enabled.
|
|
.It Li tcp.compat_42
|
|
Returns 1 if work-arounds for bugs in the 4.2BSD TCP implementation are
|
|
enabled. Use of this option is not recommended, although it may be
|
|
required in order to communicate with extremely old TCP implementations.
|
|
.It Li tcp.cwm
|
|
Returns 1 if use of the Hughes/Touch/Heidemann Congestion Window Monitoring
|
|
algorithm is enabled. This algorithm prevents line-rate bursts of packets
|
|
that could otherwise occur when data begins flowing on an idle TCP
|
|
connection. These line-rate bursts can contribute to network and router
|
|
congestion. This can be particularly useful on World Wide Web servers
|
|
which support HTTP/1.1, which has lingering connections.
|
|
.It Li tcp.cwm_burstsize
|
|
Returns the Congestion Window Monitoring allowed burst size, in terms
|
|
of packet count.
|
|
.It Li tcp.ack_on_push
|
|
Returns 1 if TCP is to immediately transmit an ACK upon reception of
|
|
a packet with PUSH set. This can avoid losing a round trip time in some
|
|
rare situations, but has the caveat of potentially defeating TCP's delayed
|
|
ACK algorithm. Use of this option is generally not recommended, but
|
|
the variable exists in case your configuration really needs it.
|
|
.It Li tcp.keepidle
|
|
Time a connection must be idle before keepalives are sent (if keepalives
|
|
are enabled for the connection). See also tcp.slowhz.
|
|
.It Li tcp.keepintvl
|
|
Time after a keepalive probe is sent until, in the absence of any response,
|
|
another probe is sent. See also tcp.slowhz.
|
|
.It Li tcp.keepcnt
|
|
Number of keepalive probes sent before declaring a connection dead. If
|
|
set to zero, there is no limit; keepalives will be sent until some kind of
|
|
response is received from the peer.
|
|
.It Li tcp.slowhz
|
|
The units for tcp.keepidle and tcp.keepintvl; those variables are in ticks
|
|
of a clock that ticks tcp.slowhz times per second. (That is, their values
|
|
must be divided by the tcp.slowhz value to get times in seconds.)
|
|
.It Li tcp.newreno
|
|
Returns 1 if the use of J. Hoe's NewReno congestion control algorithm is
|
|
enabled. This algorithm improves the start-up behavior of TCP connections.
|
|
.It Li tcp.log_refused
|
|
When set to 1, all refused TCP connections to the host are logged.
|
|
.It Li udp.checksum
|
|
Returns 1 when UDP checksums are being computed and checked.
|
|
Disabling UDP checksums is strongly discouraged.
|
|
.It Li udp.sendspace
|
|
Returns the default UDP send buffer size.
|
|
.It Li udp.recvspace
|
|
Returns the default UDP receive buffer size.
|
|
.El
|
|
.El
|
|
.Sh CTL_USER
|
|
The string and integer information available for the CTL_USER level
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "USER_COLL_WEIGHTS_MAXXXX" "integerXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It USER\_BC\_BASE\_MAX integer no
|
|
.It USER\_BC\_DIM\_MAX integer no
|
|
.It USER\_BC\_SCALE\_MAX integer no
|
|
.It USER\_BC\_STRING\_MAX integer no
|
|
.It USER\_COLL\_WEIGHTS\_MAX integer no
|
|
.It USER\_CS\_PATH string no
|
|
.It USER\_EXPR\_NEST\_MAX integer no
|
|
.It USER\_LINE\_MAX integer no
|
|
.It USER\_POSIX2\_CHAR\_TERM integer no
|
|
.It USER\_POSIX2\_C\_BIND integer no
|
|
.It USER\_POSIX2\_C\_DEV integer no
|
|
.It USER\_POSIX2\_FORT\_DEV integer no
|
|
.It USER\_POSIX2\_FORT\_RUN integer no
|
|
.It USER\_POSIX2\_LOCALEDEF integer no
|
|
.It USER\_POSIX2\_SW\_DEV integer no
|
|
.It USER\_POSIX2\_UPE integer no
|
|
.It USER\_POSIX2\_VERSION integer no
|
|
.It USER\_RE\_DUP\_MAX integer no
|
|
.It USER\_STREAM\_MAX integer no
|
|
.It USER\_TZNAME\_MAX integer no
|
|
.El
|
|
.Bl -tag -width "123456"
|
|
.Pp
|
|
.It Li USER_BC_BASE_MAX
|
|
The maximum ibase/obase values in the
|
|
.Xr bc 1
|
|
utility.
|
|
.It Li USER_BC_DIM_MAX
|
|
The maximum array size in the
|
|
.Xr bc 1
|
|
utility.
|
|
.It Li USER_BC_SCALE_MAX
|
|
The maximum scale value in the
|
|
.Xr bc 1
|
|
utility.
|
|
.It Li USER_BC_STRING_MAX
|
|
The maximum string length in the
|
|
.Xr bc 1
|
|
utility.
|
|
.It Li USER_COLL_WEIGHTS_MAX
|
|
The maximum number of weights that can be assigned to any entry of
|
|
the LC_COLLATE order keyword in the locale definition file.
|
|
.It Li USER_CS_PATH
|
|
Return a value for the
|
|
.Ev PATH
|
|
environment variable that finds all the standard utilities.
|
|
.It Li USER_EXPR_NEST_MAX
|
|
The maximum number of expressions that can be nested within
|
|
parenthesis by the
|
|
.Xr expr 1
|
|
utility.
|
|
.It Li USER_LINE_MAX
|
|
The maximum length in bytes of a text-processing utility's input
|
|
line.
|
|
.It Li USER_POSIX2_CHAR_TERM
|
|
Return 1 if the system supports at least one terminal type capable of
|
|
all operations described in POSIX 1003.2, otherwise 0.
|
|
.It Li USER_POSIX2_C_BIND
|
|
Return 1 if the system's C-language development facilities support the
|
|
C-Language Bindings Option, otherwise 0.
|
|
.It Li USER_POSIX2_C_DEV
|
|
Return 1 if the system supports the C-Language Development Utilities Option,
|
|
otherwise 0.
|
|
.It Li USER_POSIX2_FORT_DEV
|
|
Return 1 if the system supports the FORTRAN Development Utilities Option,
|
|
otherwise 0.
|
|
.It Li USER_POSIX2_FORT_RUN
|
|
Return 1 if the system supports the FORTRAN Runtime Utilities Option,
|
|
otherwise 0.
|
|
.It Li USER_POSIX2_LOCALEDEF
|
|
Return 1 if the system supports the creation of locales, otherwise 0.
|
|
.It Li USER_POSIX2_SW_DEV
|
|
Return 1 if the system supports the Software Development Utilities Option,
|
|
otherwise 0.
|
|
.It Li USER_POSIX2_UPE
|
|
Return 1 if the system supports the User Portability Utilities Option,
|
|
otherwise 0.
|
|
.It Li USER_POSIX2_VERSION
|
|
The version of POSIX 1003.2 with which the system attempts to comply.
|
|
.It Li USER_RE_DUP_MAX
|
|
The maximum number of repeated occurrences of a regular expression
|
|
permitted when using interval notation.
|
|
.ne 1i
|
|
.It Li USER_STREAM_MAX
|
|
The minimum maximum number of streams that a process may have open
|
|
at any one time.
|
|
.It Li USER_TZNAME_MAX
|
|
The minimum maximum number of types supported for the name of a
|
|
timezone.
|
|
.El
|
|
.Sh CTL_VM
|
|
The string and integer information available for the CTL_VM level
|
|
is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "Second level nameXXXXXX" "struct loadavgXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It VM\_LOADAVG struct loadavg no
|
|
.It VM\_METER struct vmtotal no
|
|
.El
|
|
.Pp
|
|
.Bl -tag -width "123456"
|
|
.It Li VM_LOADAVG
|
|
Return the load average history.
|
|
The returned data consists of a
|
|
.Va struct loadavg .
|
|
.It Li VM_METER
|
|
Return the system wide virtual memory statistics.
|
|
The returned data consists of a
|
|
.Va struct vmtotal .
|
|
.El
|
|
.Sh CTL_DDB
|
|
The integer information available for the CTL_DDB level is detailed below.
|
|
The changeable column shows whether a process with appropriate
|
|
privilege may change the value.
|
|
.Bl -column "DBCTL_TABSTOPSXXX" "integerXXX" -offset indent
|
|
.It Sy Pa Second level name Type Changeable
|
|
.It DBCTL\_RADIX integer yes
|
|
.It DBCTL\_MAXOFF integer yes
|
|
.It DBCTL\_LINES integer yes
|
|
.It DBCTL\_TABSTOPS integer yes
|
|
.It DBCTL\_ONPANIC integer yes
|
|
.El
|
|
.Pp
|
|
.Bl -tag -width "123456"
|
|
.It Li DBCTL_RADIX
|
|
The input and output radix.
|
|
.It Li DBCTL_MAXOFF
|
|
The maximum symbol offset.
|
|
.It Li DBCTL_LINES
|
|
Number of display lines.
|
|
.It Li DBCTL_TABSTOPS
|
|
Tab width.
|
|
.It Li DBCTL_ONPANIC
|
|
If non-zero, DDB will be entered when the kernel panics.
|
|
.El
|
|
.Pp
|
|
These MIB nodes are also available as variables from within the
|
|
DDB. See
|
|
.Xr ddb 4
|
|
for more details.
|
|
.Sh RETURN VALUES
|
|
If the call to
|
|
.Nm
|
|
is successful, the number of bytes copied out is returned.
|
|
Otherwise \-1 is returned and
|
|
.Va errno
|
|
is set appropriately.
|
|
.Sh ERRORS
|
|
The following errors may be reported:
|
|
.Bl -tag -width Er
|
|
.It Bq Er EFAULT
|
|
The buffer
|
|
.Fa name ,
|
|
.Fa oldp ,
|
|
.Fa newp ,
|
|
or length pointer
|
|
.Fa oldlenp
|
|
contains an invalid address.
|
|
.It Bq Er EINVAL
|
|
The
|
|
.Fa name
|
|
array is less than two or greater than CTL_MAXNAME.
|
|
.It Bq Er EINVAL
|
|
A non-null
|
|
.Fa newp
|
|
is given and its specified length in
|
|
.Fa newlen
|
|
is too large or too small.
|
|
.It Bq Er ENOMEM
|
|
The length pointed to by
|
|
.Fa oldlenp
|
|
is too short to hold the requested value.
|
|
.It Bq Er ENOTDIR
|
|
The
|
|
.Fa name
|
|
array specifies an intermediate rather than terminal name.
|
|
.It Bq Er EOPNOTSUPP
|
|
The
|
|
.Fa name
|
|
array specifies a value that is unknown.
|
|
.It Bq Er EPERM
|
|
An attempt is made to set a read-only value.
|
|
.It Bq Er EPERM
|
|
A process without appropriate privilege attempts to set a value.
|
|
.It Bq Er EPERM
|
|
An attempt to change a value protected by the current kernel security
|
|
level is made.
|
|
.El
|
|
.Sh FILES
|
|
.Bl -tag -width <netinet/icmpXvar.h> -compact
|
|
.It Pa <sys/sysctl.h>
|
|
definitions for top level identifiers, second level kernel and hardware
|
|
identifiers, and user level identifiers
|
|
.It Pa <sys/socket.h>
|
|
definitions for second level network identifiers
|
|
.It Pa <sys/gmon.h>
|
|
definitions for third level profiling identifiers
|
|
.It Pa <vm/vm_param.h>
|
|
definitions for second level virtual memory identifiers
|
|
.It Pa <netinet/in.h>
|
|
definitions for third level Internet identifiers and
|
|
fourth level IP identifiers
|
|
.It Pa <netinet/icmp_var.h>
|
|
definitions for fourth level ICMP identifiers
|
|
.It Pa <netinet/tcp_var.h>
|
|
definitions for fourth level TCP identifiers
|
|
.It Pa <netinet/udp_var.h>
|
|
definitions for fourth level UDP identifiers
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr sysctl 8
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
function first appeared in
|
|
.Bx 4.4 .
|