From a0ab4587b7760c073ec9501775b9116fb0b1c70c Mon Sep 17 00:00:00 2001
From: Peter Simons <simons@cryp.to>
Date: Thu, 17 Mar 2016 19:38:02 +0100
Subject: [PATCH] Set networking.firewall.allowPing = true by default.

This patch fixes https://github.com/NixOS/nixpkgs/issues/12927.

It would be great to configure good rate-limiting defaults for this via
/proc/sys/net/ipv4/icmp_ratelimit and /proc/sys/net/ipv6/icmp/ratelimit,
too, but I didn't since I don't know what a "good default" would be.
---
 nixos/modules/services/networking/firewall.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix
index e11fe072be6..9221fe15577 100644
--- a/nixos/modules/services/networking/firewall.nix
+++ b/nixos/modules/services/networking/firewall.nix
@@ -338,7 +338,7 @@ in
     };
 
     networking.firewall.allowPing = mkOption {
-      default = false;
+      default = true;
       type = types.bool;
       description =
         ''