diff options
| author | Chris Buechler <cmb@pfsense.org> | 2009-08-08 19:02:03 -0400 |
|---|---|---|
| committer | Chris Buechler <cmb@pfsense.org> | 2009-08-08 19:02:03 -0400 |
| commit | 08c7e2e32cb0e25a0ab359160c3916cbc44133b2 (patch) | |
| tree | d781ad22a57a742fe7cbd75fe7ca208a43030649 | |
| parent | cd465e06512a461dc1f23f0f015b9057cc2970c7 (diff) | |
| download | pfsense-08c7e2e32cb0e25a0ab359160c3916cbc44133b2.zip pfsense-08c7e2e32cb0e25a0ab359160c3916cbc44133b2.tar.gz | |
Allow tcpdump by default on enc. There is no measurable performance impact, and it's annoying to flip the sysctls to allow when needed.
| -rw-r--r-- | etc/inc/system.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/system.inc b/etc/inc/system.inc index e9d92d0..9bf6a43 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -42,9 +42,9 @@ function activate_powerd() { function activate_sysctls() { global $config, $g; - exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000000"); + exec("/sbin/sysctl net.enc.out.ipsec_bpf_mask=0x00000001"); exec("/sbin/sysctl net.enc.out.ipsec_filter_mask=0x00000001"); - exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000000"); + exec("/sbin/sysctl net.enc.in.ipsec_bpf_mask=0x00000002"); exec("/sbin/sysctl net.enc.in.ipsec_filter_mask=0x00000002"); if (is_array($config['sysctl'])) |
