I have recently taken over operational support of OPMS. I have been questioned about OPMS and the need for enabling IP Forwarding due to CVE-1999-0511. Is there an alternative way of handling the communication instead of allowing IP Forwarding?
OPMS runs on Docker, and Docker by design cannot work without IP Forwarding.
The CVE says 'IP forwarding is enabled on a machine which is not a router or firewall'.
Linux does contain a firewall, so customer can set up rules to mitigate the issue as they see fit.