Information
The ipsrcrouteforward parameter determines whether or not the system forwards IPV4 source-routed packets.
Rationale:
The ipsrcrouteforward will be set to 0, to prevent source-routed packets being forwarded by the system. This would prevent a hacker from using source-routed packets to bridge an external facing server to an internal LAN, possibly even through a firewall.
Solution
In /etc/tunables/nextboot, add the ipsrcrouteforward entry:
no -p -o ipsrcrouteforward=0
This makes the change permanent by adding the entry into /etc/tunables/nextboot
Default Value:
1