31823b7647
This patch disables ICMPv6 redirects feature on the host. Accepting ICMP redirects has few legitimate uses. It should be disabled unless it is absolutely required. It is configurable by ``security_disable_icmpv6_redirects`` variable. This feature is disabled by default. Change-Id: I12049973d351aee76b95153779c6545e4c7cf00c
9 lines
361 B
YAML
9 lines
361 B
YAML
---
|
|
features:
|
|
- |
|
|
A new task was added to disable ICMPv6 redirects per the requirements in
|
|
V-38548. However, since this change can cause problems in running OpenStack
|
|
environments, it is disabled by default. Deployers who wish to enable this
|
|
task (and disable ICMPv6 redirects) should set
|
|
``security_disable_icmpv6_redirects`` to ``yes``.
|