Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than what is configured on the router, which can be used to bypass network security measures.
This requirement applies only to the forwarding of source-routed traffic, such as when IPv4 forwarding is enabled and the system is functioning as a router.
- Run the # grep  /proc/sys/net/ipv4/conf/*/accept_source_route|egrep "default|all" command to verify whether the system does not use IPv4 source routed packets
- Configure the host system to deny forwarding of IPv4 source routed packets.
- Open the /etc/sysctl.conf file with a text editor.
- If the values are not set to
0, ensure that
et.ipv4.conf.default.accept_source_route=0are set to
- Save and close the file.