diff --git a/default.prf b/default.prf
index 397f1bb5..ef497011 100644
--- a/default.prf
+++ b/default.prf
@@ -195,7 +195,7 @@ config-data=sysctl;net.inet.tcp.nolocaltimewait;1;1;Remove the TIME_WAIT state f
 config-data=sysctl;net.inet.tcp.path_mtu_discovery;0;1;Disable MTU discovery as many hosts drop the ICMP type 3 packets;-;category:security;
 config-data=sysctl;net.inet.icmp.bmcastecho;0;1;Ignore ICMP packets directed to broadcast address;-;category:security;
 config-data=sysctl;net.inet.tcp.icmp_may_rst;0;1;ICMP may not send RST to avoid spoofed ICMP/UDP floods;-;category:security;
-config-data=sysctl;net.inet.icmp.drop_redirect;1;1Do not allow redirected ICMP packets;-;category:security;
+config-data=sysctl;net.inet.icmp.drop_redirect;1;1;Do not allow redirected ICMP packets;-;category:security;
 config-data=sysctl;net.inet.icmp.rediraccept;0;1;Disable incoming ICMP redirect routing redirects;-;category:security;
 config-data=sysctl;net.inet.icmp.timestamp;0;1;Disable timestamps;-;category:security;
 config-data=sysctl;net.inet.ip.accept_sourceroute;0;1;Disable IP source routing;-;category:security;