From dbb78dda47f7f9bd301bbdf54193f5ba6e677ed8 Mon Sep 17 00:00:00 2001
From: niklas <>
Date: Sun, 11 Apr 1999 19:41:33 +0000
Subject: [PATCH] Introduce net.inet.{ah,esp}.enable sysctl controls that are
 off by default. If you are going to use either of AH or ESP or both, enable
 these in /etc/sysctl.conf.  Also correct the IPSec debugging sysctl code, it
 is now named net.inet.ip.encdebug.  Some corrected function signatures too.

---
 src/etc/sysctl.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/etc/sysctl.conf b/src/etc/sysctl.conf
index d6f95393..da030f00 100644
--- a/src/etc/sysctl.conf
+++ b/src/etc/sysctl.conf
@@ -1,9 +1,11 @@
-#	$OpenBSD: sysctl.conf,v 1.9 1998/05/05 21:51:53 deraadt Exp $
+#	$OpenBSD: sysctl.conf,v 1.10 1999/04/11 19:41:33 niklas Exp $
 # This files contains a list of sysctl options the user wants set at
 # boot time.
 # ie.
 #net.inet.ip.forwarding=1	# 1=Permit forwarding (routing) of packets
 #net.inet.tcp.rfc1323=0		# 0=disable TCP RFC1323 extensions (for if tcp is slow)
+#net.inet.esp.enable=1		# 1=Enable the ESP IPSec protocol
+#net.inet.ah.enable=1		# 1=Enable the AH IPSec protocol
 #ddb.panic=0			# 0=Do not drop into ddb on a kernel panic
 #ddb.console=1			# 1=Permit entry of ddb from the console
 #fs.posix.setuid=0		# 0=Traditional BSD chown() semantics