An XCCDF Group - A logical subset of the XCCDF Benchmark
If firewalld or iptables are being used in your environment, please follow the guidance in their respective section and pass-over the guidance in this section.
ip
ip6
inet
arp
bridge
netdev
nftables
$ sudo yum install nftables
$ sudo systemctl enable nftables.service
systemctl disable nftables
firewalld
$ sudo nft list tables table
/etc/nftables
$ sudo chgrp root /etc/nftables
$ sudo chown root /etc/nftables
$ sudo chmod 0700 /etc/nftables