Include net.key.preferred_oldsa in the sysctl list, set to 0 (disable) so

it doesn't fall through to the default (1).
author: Chris Buechler <cmb@pfsense.org> 2015-03-26 16:56:01 -0500
committer: Chris Buechler <cmb@pfsense.org> 2015-03-26 16:56:01 -0500
commit: 72371a3d775655f5a9c404fe4a05c8286c52c1bd (patch)
tree: 2ae4ba4c05d329e5956d2017ef28a6f2f5a60d9a /etc
parent: 96e8a999268114c583721ee2a3de6d4e354dd0e9 (diff)
download: pfsense-72371a3d775655f5a9c404fe4a05c8286c52c1bd.zip
pfsense-72371a3d775655f5a9c404fe4a05c8286c52c1bd.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index 8505a9d..2d7efac 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -166,6 +166,7 @@ $sysctls = array("net.inet.ip.portrange.first" => "1024",
 	"net.enc.out.ipsec_filter_mask" => "0x0001",
 	"net.enc.in.ipsec_bpf_mask" => "0x0002",
 	"net.enc.in.ipsec_filter_mask" => "0x0002",
+	"net.key.preferred_oldsa" => "0",
 	"net.inet.carp.senderr_demotion_factor" => 0, /* Do not demote CARP for interface send errors */
 	"net.pfsync.carp_demotion_factor" => 0 /* Do not demote CARP for pfsync errors */
 );
author	Chris Buechler <cmb@pfsense.org>	2015-03-26 16:56:01 -0500
committer	Chris Buechler <cmb@pfsense.org>	2015-03-26 16:56:01 -0500
commit	72371a3d775655f5a9c404fe4a05c8286c52c1bd (patch)
tree	2ae4ba4c05d329e5956d2017ef28a6f2f5a60d9a /etc
parent	96e8a999268114c583721ee2a3de6d4e354dd0e9 (diff)
download	pfsense-72371a3d775655f5a9c404fe4a05c8286c52c1bd.zip pfsense-72371a3d775655f5a9c404fe4a05c8286c52c1bd.tar.gz