diff options
| author | Hakan Olsson <ho@cvs.openbsd.org> | 2004-06-26 04:32:39 +0000 |
|---|---|---|
| committer | Hakan Olsson <ho@cvs.openbsd.org> | 2004-06-26 04:32:39 +0000 |
| commit | ded365edcaca083231ee2b78a2cb52610d1a90ca (patch) | |
| tree | 76871096d111fa6bbf545296c5019b27c1914b92 | |
| parent | 1f368793a92adc571d4096c441f5bd2d51b8966a (diff) | |
Default enable udpencap. Add 'disable' sysctl to sysctl.conf. markus@ ok.
| -rw-r--r-- | etc/sysctl.conf | 3 | ||||
| -rw-r--r-- | sys/netinet/ipsec_output.c | 4 |
2 files changed, 4 insertions, 3 deletions
diff --git a/etc/sysctl.conf b/etc/sysctl.conf index 011c37235ea..05346a76e35 100644 --- a/etc/sysctl.conf +++ b/etc/sysctl.conf @@ -1,4 +1,4 @@ -# $OpenBSD: sysctl.conf,v 1.31 2004/02/25 21:30:38 fgsch Exp $ +# $OpenBSD: sysctl.conf,v 1.32 2004/06/26 04:32:37 ho Exp $ # # This file contains a list of sysctl options the user wants set at # boot time. See sysctl(3) and sysctl(8) for more information on @@ -11,6 +11,7 @@ #net.inet.tcp.rfc3390=1 # 1=Enable RFC3390 for TCP window increasing #net.inet.esp.enable=0 # 0=Disable the ESP IPsec protocol #net.inet.ah.enable=0 # 0=Disable the AH IPsec protocol +#net.inet.udpencap.enable=0 # 0=Disable ESP-in-UDP encapsulation #net.inet.ipcomp.enable=1 # 1=Enable the IPCOMP protocol #net.inet.tcp.ecn=1 # 1=Enable the TCP ECN extension #ddb.panic=0 # 0=Do not drop into ddb on a kernel panic diff --git a/sys/netinet/ipsec_output.c b/sys/netinet/ipsec_output.c index 3aa5abbfe1c..d03da26c247 100644 --- a/sys/netinet/ipsec_output.c +++ b/sys/netinet/ipsec_output.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ipsec_output.c,v 1.30 2004/06/21 23:50:37 tholo Exp $ */ +/* $OpenBSD: ipsec_output.c,v 1.31 2004/06/26 04:32:38 ho Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -57,7 +57,7 @@ #define DPRINTF(x) #endif -int udpencap_enable = 0; /* disabled by default */ +int udpencap_enable = 1; /* enabled by default */ int udpencap_port = 4500; /* triggers decapsulation */ /* |