Verify firewalld Enabled
An XCCDF Rule
Description
The firewalld
service can be enabled with the following command:
$ sudo systemctl enable firewalld.service
Rationale
Access control methods provide the ability to enhance system security posture by restricting services and known good IP addresses and address ranges. This prevents connections from unknown hosts and protocols.
- ID
- xccdf_org.ssgproject.content_rule_service_firewalld_enabled
- Severity
- Medium
- References
- Updated
Remediation - OS Build Blueprint
[customizations.services]
enabled = ["firewalld"]
Remediation - Ansible
- name: Gather the package facts
package_facts:
manager: auto
tags:
- CCE-91466-3
- NIST-800-171-3.1.3
Remediation - Shell Script
# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && { rpm --quiet -q firewalld; }; then
SYSTEMCTL_EXEC='/usr/bin/systemctl'
"$SYSTEMCTL_EXEC" unmask 'firewalld.service'
"$SYSTEMCTL_EXEC" start 'firewalld.service'
Remediation - Puppet
include enable_firewalld
class enable_firewalld {
service {'firewalld':
enable => true,
ensure => 'running',