Bug ID 636189: Output of sysctl reports incorrect values of variables accept_redirects, send_redirects, and secure_redirects for TMM interfaces

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,, 15.0.0, 15.0.1,,,,

Fixed In:

Opened: Dec 29, 2016
Severity: 4-Minor


The output of sysctl can make it appear that TMM-based interfaces support route-adjustment functionality upon receipt of ICMP redirect messages, but TMM does not.


Security scanners mark this as a problem that exposes a man-in-the-middle issue, but that is not the case; TMM does not update the routing cache upon receipt of these messages.


Running the sysctl command with the variables accept_redirects, send_redirects, and secure_redirects.



Fix Information

Disabling specific sysctl variables that do not apply to TMM interfaces

Behavior Change