--- upgrade: - The net.ipv4.conf.default.send_redirects & net.ipv4.conf.all.send_redirects are now set to 0 to prevent a compromised host from sending invalid ICMP redirects to other router devices. - The net.ipv4.conf.default.accept_redirects, net.ipv6.conf.default.accept_redirects & net.ipv6.conf.all.accept_redirects are now set to 0 to prevent forged ICMP packet from altering host's routing tables. - The net.ipv4.conf.default.secure_redirects & net.ipv4.conf.all.secure_redirects are now set to 0 to disable acceptance of secure ICMP redirected packets. security: - Invalide ICMP redirects may corrupt routing and have users access a system set up by the attacker as opposed to a valid system. - Routing tables may be altered by bogus ICMP redirect messages and send packets to incorrect networks. - Secure ICMP redirects are the same as ICMP redirects, except they come from gateways listed on the default gateway list.