From: Leland Steinke <[email protected]> Guidance did not remind users to reload firewall rules if a change was required
Signed-off-by: Leland Steinke <[email protected]> --- RHEL/6/input/system/network/iptables.xml | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/RHEL/6/input/system/network/iptables.xml b/RHEL/6/input/system/network/iptables.xml index 639b16e..0876645 100644 --- a/RHEL/6/input/system/network/iptables.xml +++ b/RHEL/6/input/system/network/iptables.xml @@ -73,6 +73,8 @@ the built-in INPUT chain which processes incoming packets, add or correct the following line in <tt>/etc/sysconfig/ip6tables</tt>: <pre>:INPUT DROP [0:0]</pre> +If changes were required, reload the ip6tables rules: +<pre>$ sudo service ip6tables reload</pre> </description> <ocil clause="the default policy for the INPUT chain is not set to DROP"> If IPv6 is disabled, this is not applicable. -- 1.7.1 -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
