3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
718 B
718 B
---id: V-38529 status: exception tag: kernel ---
The STIG makes several requirements for IPv4 network restrictions, but these restrictions can impact certain network interfaces and cause service disruptions. Some security configurations make sense for certain types of network interfaces, like bridges, but other restrictions cause the network interface to stop passing valid traffic between hosts, containers, or virtual machines.
The default network scripts and LXC userspace tools already configure various network devices to their most secure setting. Since some hosts will act as routers, enabling security configurations that restrict network traffic can cause service disruptions for OpenStack environments.