Bastille does not lock down ip_forwarding

CITEC HP TEAM · ‎02-09-2009

As per the doco running Bastille for HOST.config should lock down ip_forwaring and update /etc/rc.config.d/nndconf with the following:

The following ndd changes will be made:

ip_forward_directed_broadcasts=0
ip_forward_src_routed=0
ip_forwarding=0
ip_ire_gw_probe=0
ip_pmtu_strategy=1
ip_send_source_quench=0
tcp_conn_request_max=4096
tcp_syn_rcvd_max=1000

We have run this on several 11.11 and 11.23 systems and nndconf was not updated.

However, for 11.31 it was.

Does anyone know the cause?

If these settings are not already in the file then is it the case that running bastille with HOST.config will not update nndconf?

Many thanks,
USG2 - CITEC

CITEC HP TEAM · ‎02-09-2009

/var/opt/sec_mgmt/bastille/TODO.txt :)

Yes manual entry needed

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Bastille does not lock down ip_forwarding

Bastille does not lock down ip_forwarding

Re: Bastille does not lock down ip_forwarding