dccce1d5cc
This patch gets the docs adjusted to work with the new RHEL 7 STIG version 1 release. The new STIG release has changed all of the numbering, but it maintains a link to (most) of the old STIG IDs in the XML. Closes-bug: 1676865 Change-Id: I65023fe63163c9804a3aec9dcdbf23c69bedb604
427 B
427 B
---id: V-72291 status: implemented tag: kernel ---
The tasks in this role set
net.ipv4.conf.default.send_redirects and
net.ipv4.conf.all.send_redirects to 0 by
default. This prevents a system from sending IPv4 ICMP redirect packets
on all new and existing interfaces.
Deployers can opt out of this change by setting the following Ansible variable:
security_disallow_icmp_redirects: no