openstack/ansible-hardening
Code Issues Proposed changes
ansible-hardening/tasks
History
Kamil Boratyński 5112569743 Implemented: V-38524. 
This patch disables ICMPv4 redirects feature on the host.
Accepting ICMP redirects has few legitimate uses.
It should be disabled unless it is absolutely required.

It is configurable by `security_disable_icmpv4_redirects`.
This feature is disabled by default as it can disrupt LXC deployments.

Change-Id: I228f8aa7b0df80cce16e54c5f1e11da678bfd67d
2016-06-03 21:42:58 +02:00
..
apt.yml
Remove "FAILED" from custom fail messages
2016-05-27 20:43:38 +02:00
auditd.yml
Remove "FAILED" from custom fail messages
2016-05-27 20:43:38 +02:00
auth.yml
Remove one more "FAILED" from a custom fail message
2016-06-01 15:47:46 +02:00
boot.yml
Security: Check for grub.cfg first
2016-02-29 14:15:29 -06:00
console.yml
Add CentOS 7 and Ubuntu 16.04 support
2016-05-13 14:57:28 -05:00
file_perms.yml
Migrate to unique variable names
2016-05-09 16:18:48 -05:00
kernel.yml
Implemented: V-38524.
2016-06-03 21:42:58 +02:00
lsm.yml
Enable LSM instead of checking status
2016-05-26 09:16:42 -05:00
mail.yml
Add CentOS 7 and Ubuntu 16.04 support
2016-05-13 14:57:28 -05:00
main.yml
Consistency for multi-os in the includes
2016-06-02 13:47:57 +00:00
misc.yml
Merge "Search for unlabeled device files"
2016-06-01 20:53:01 +00:00
nfsd.yml
Remove "FAILED" from custom fail messages
2016-05-27 20:43:38 +02:00
rpm.yml
Remove "FAILED" from custom fail messages
2016-05-27 20:43:38 +02:00
services.yml
Merge "Disable the netconsole service (if present)"
2016-05-25 21:39:51 +00:00
sshd.yml
Migrate to unique variable names
2016-05-09 16:18:48 -05:00