3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
18 lines
718 B
ReStructuredText
18 lines
718 B
ReStructuredText
---
|
|
id: V-38523
|
|
status: exception
|
|
tag: kernel
|
|
---
|
|
|
|
The STIG makes several requirements for IPv4 network restrictions, but these
|
|
restrictions can impact certain network interfaces and cause service
|
|
disruptions. Some security configurations make sense for certain types of
|
|
network interfaces, like bridges, but other restrictions cause the network
|
|
interface to stop passing valid traffic between hosts, containers, or virtual
|
|
machines.
|
|
|
|
The default network scripts and LXC userspace tools already configure various
|
|
network devices to their most secure setting. Since some hosts will act as
|
|
routers, enabling security configurations that restrict network traffic can
|
|
cause service disruptions for OpenStack environments.
|