The Photon operating system must not perform IPv4 packet forwarding.

An XCCDF Rule

Description

Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.

Documentable: false

ID
SV-256575r887399_rule
Severity
Medium

Remediation - Manual Procedure

At the command line, run the following commands:

# sed -i -e "/^net.ipv4.ip_forward/d" /etc/sysctl.conf
# echo net.ipv4.ip_forward=0>>/etc/sysctl.conf
# /sbin/sysctl --load
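
A check to run after the remediation, as an added example that is not part of the STIG text: sysctl --load without a file argument reads only /etc/sysctl.conf, so this script also looks at drop-in files and at the running kernel value. The /etc/sysctl.d path, the order in which files are read, and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit net.ipv4.ip_forward after the remediation.
# File paths and load order below are assumptions, not taken from the STIG.

# effective_ip_forward FILE...
# Print the value set by the last assignment of net.ipv4.ip_forward found in
# the readable FILEs (read in the order given), or "unset" if there is none.
effective_ip_forward() {
    for f in "$@"; do
        if [ -r "$f" ]; then cat "$f"; fi
    done | awk '
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            if (line ~ /^[#;]/) next            # comment line
            sub(/^-[ \t]*/, "", line)           # "-key=..." means ignore errors
            eq = index(line, "=")
            if (eq == 0) next
            key = substr(line, 1, eq - 1)
            val = substr(line, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/\//, ".", key)                # sysctl accepts net/ipv4/ip_forward
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            # Exact match: net.ipv4.ip_forward_use_pmtu is a different key.
            if (key == "net.ipv4.ip_forward") { seen = 1; last = val }
        }
        END { if (seen) print last; else print "unset" }'
}

# check_ip_forward RUNTIME_FILE CONF...
# Return 0 only when both the persistent setting and the running kernel
# value are 0; print both so a failure shows which one is wrong.
check_ip_forward() {
    runtime_file=$1; shift
    persistent=$(effective_ip_forward "$@")
    runtime=$(cat "$runtime_file" 2>/dev/null || echo unknown)
    echo "persistent=$persistent runtime=$runtime"
    [ "$persistent" = 0 ] && [ "$runtime" = 0 ]
}

# Live audit, run only on request: sh check_ip_forward.sh --live
if [ "${1:-}" = "--live" ]; then
    check_ip_forward /proc/sys/net/ipv4/ip_forward \
        /etc/sysctl.d/*.conf /etc/sysctl.conf
fi
```

A non-zero exit status with persistent=1 points at a configuration file that still enables forwarding; runtime=1 with persistent=0 means the setting has not been loaded into the running kernel.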