16 lines
488 B
ReStructuredText
16 lines
488 B
ReStructuredText
---
|
|
id: V-38524
|
|
status: implemented
|
|
tag: misc
|
|
---
|
|
|
|
This patch disables ICMPv4 redirects feature on the host.
|
|
Accepting ICMP redirects has few legitimate uses.
|
|
It should be disabled unless it is absolutely required.
|
|
|
|
It is configurable by ``security_disable_icmpv4_redirects`` variable.
|
|
This feature is disabled by default as it can disrupt ``LXC`` deployments.
|
|
|
|
Deployers can skip or enable this task by setting
|
|
``security_disable_icmpv4_redirects`` to ``no`` or ``yes``, respectively.
|