Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than what is configured on the router, which can be used to bypass network security measures.

This requirement applies only to the forwarding of source-routed traffic, such as when IPv4 forwarding is enabled and the system is functioning as a router.

1. Run the following command to verify that the system does not use IPv4 source-routed packets:

   # grep [01] /proc/sys/net/ipv4/conf/*/accept_source_route|egrep "default|all"

2. Configure the host system to deny forwarding of IPv4 source-routed packets.

   a. Open the /etc/sysctl.conf file with a text editor.

   b. If the values are not set to 0, ensure that net.ipv4.conf.all.accept_source_route=0 and net.ipv4.conf.default.accept_source_route=0 are set.

   c. Save and close the file.
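The two checks in this procedure can be combined into one audit. The following is an added example, not part of the original procedure: the function name audit_source_route and its two optional path arguments are assumptions made for illustration. It compares the running kernel values with the persistent entries in sysctl.conf, so a commented-out or mistyped key is reported as not set.

```shell
#!/bin/sh
# Added example: audit accept_source_route at runtime and in sysctl.conf.
# $1 = per-interface settings directory (default /proc/sys/net/ipv4/conf)
# $2 = persistent configuration file    (default /etc/sysctl.conf)
# Prints one line per check; returns 0 if every check passes, 1 otherwise.
audit_source_route() {
    conf_dir=${1:-/proc/sys/net/ipv4/conf}
    sysctl_conf=${2:-/etc/sysctl.conf}
    rc=0
    for scope in all default; do
        # Runtime value currently enforced by the kernel (step 1).
        f="$conf_dir/$scope/accept_source_route"
        if [ ! -r "$f" ]; then
            echo "FAIL runtime $scope: cannot read $f"; rc=1
        else
            cur=$(cat "$f")
            if [ "$cur" = "0" ]; then
                echo "OK runtime $scope: accept_source_route=0"
            else
                echo "FAIL runtime $scope: accept_source_route=$cur"; rc=1
            fi
        fi
        # Persistent value (step 2): skip comment lines, last assignment wins.
        key="net.ipv4.conf.$scope.accept_source_route"
        val=$(awk -F= -v k="$key" '
            /^[ \t]*[#;]/ { next }
            { n = $1; gsub(/[ \t]/, "", n)
              if (n == k) { v = $2; gsub(/[ \t]/, "", v); last = v } }
            END { print last }' "$sysctl_conf" 2>/dev/null)
        if [ -z "$val" ]; then
            echo "FAIL persistent $key: not set in $sysctl_conf"; rc=1
        elif [ "$val" = "0" ]; then
            echo "OK persistent $key=0"
        else
            echo "FAIL persistent $key=$val"; rc=1
        fi
    done
    return $rc
}
```

Call audit_source_route with no arguments to check the live host. Editing /etc/sysctl.conf does not change the running values until the file is reloaded (for example with sysctl -p) or the system restarts, so a runtime FAIL next to a persistent OK is expected until then.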