Ensure iptables are flushed

An XCCDF Rule

Details
Profiles
Prose

Description

nftables is a replacement for iptables, ip6tables, ebtables and arptables

Rationale

It is possible to mix iptables and nftables. However, this increases complexity and also the chance to introduce errors. For simplicity flush out all iptables rules, and ensure it is not loaded.

ID: xccdf_org.ssgproject.content_rule_ensure_iptables_are_flushed
Severity: Medium
References: 3.5.2.3

CCE-92523-0
Updated: about 1 year ago