OPMS and IP Forwarding alternatives
search cancel

OPMS and IP Forwarding alternatives

book

Article ID: 371064

calendar_today

Updated On:

Products

CA App Synthetic Monitor

Issue/Introduction

I have recently taken over operational support of OPMS.  I have been questioned about OPMS and the need for enabling IP Forwarding due to CVE-1999-0511.  Is there an alternative way of handling the communication instead of allowing IP Forwarding?

Resolution

OPMS runs on Docker, and Docker by design cannot work without IP Forwarding.

The CVE says 'IP forwarding is enabled on a machine which is not a router or firewall'.
Linux does contain a firewall, so customer can set up rules to mitigate the issue as they see fit.