fe39a30c98
This reverts commit ea9b39d723.
In order to release stable/pike we need this to still be present.
https://review.openstack.org/#/c/502063/ is failing.
Once we release stable/pike we can figure out how to properly remove
this repository.
Change-Id: I50308b1c3001371d4554b6c2640bd5384e870a53
718 B
718 B
---id: V-38542 status: exception tag: kernel ---
The STIG makes several requirements for IPv4 network restrictions, but these restrictions can impact certain network interfaces and cause service disruptions. Some security configurations make sense for certain types of network interfaces, like bridges, but other restrictions cause the network interface to stop passing valid traffic between hosts, containers, or virtual machines.
The default network scripts and LXC userspace tools already configure various network devices to their most secure setting. Since some hosts will act as routers, enabling security configurations that restrict network traffic can cause service disruptions for OpenStack environments.