#!/bin/bash

cat <<END_SCRIPT >> /etc/sysctl.conf
# The following 4 lines added, per CIS Red Hat Enterprise Linux Benchmark sec 5.2:
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
END_SCRIPT
chown root:root /etc/sysctl.conf
chmod 0600      /etc/sysctl.conf
echo "diff /etc/sysctl.conf-preCIS /etc/sysctl.conf"
      diff /etc/sysctl.conf-preCIS /etc/sysctl.conf