Fixes #3666. Set the sysctl net.inet.icmp.reply_from_interface to 1 to use the incoming interface to send the icmp reply from. It uses another part of patch to pf to undo NAT if it was already performed before

author: Ermal <eri@pfsense.org> 2014-09-11 21:57:39 +0200
committer: Ermal <eri@pfsense.org> 2014-09-11 21:57:39 +0200
commit: 415b71f1d41c886b06dfc83d8bc2cb906be78509 (patch)
tree: 73274b84d7fcc83815c9895d699044d5ac7bcf3e /etc
parent: 77bf9d5ea296455803c154de4438b8b1363acf07 (diff)
download: pfsense-415b71f1d41c886b06dfc83d8bc2cb906be78509.zip
pfsense-415b71f1d41c886b06dfc83d8bc2cb906be78509.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index 09585be..d70de57 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -153,7 +153,8 @@ $sysctls = array("net.inet.ip.portrange.first" => "1024",
 	"kern.random.sys.harvest.ethernet" => 0,
 	"net.route.netisr_maxqlen" => 1024,
 	"net.inet.udp.checksum" => 1,
-	"net.bpf.zerocopy_enable" => 1
+	"net.bpf.zerocopy_enable" => 1,
+	"net.inet.icmp.reply_from_interface" => 1
 );
 
 /* Include override values for the above if needed. If the file doesn't exist, don't try to load it. */
author	Ermal <eri@pfsense.org>	2014-09-11 21:57:39 +0200
committer	Ermal <eri@pfsense.org>	2014-09-11 21:57:39 +0200
commit	415b71f1d41c886b06dfc83d8bc2cb906be78509 (patch)
tree	73274b84d7fcc83815c9895d699044d5ac7bcf3e /etc
parent	77bf9d5ea296455803c154de4438b8b1363acf07 (diff)
download	pfsense-415b71f1d41c886b06dfc83d8bc2cb906be78509.zip pfsense-415b71f1d41c886b06dfc83d8bc2cb906be78509.tar.gz