Skip to content

Verify firewalld Enabled

An XCCDF Rule

Description

The firewalld service can be enabled with the following command:

$ sudo systemctl enable firewalld.service

Rationale

Access control methods provide the ability to enhance system security posture by restricting services and known good IP addresses and address ranges. This prevents connections from unknown hosts and protocols.

ID
xccdf_org.ssgproject.content_rule_service_firewalld_enabled
Severity
Medium
References
Updated



Remediation - OS Build Blueprint


[customizations.services]
enabled = ["firewalld"]

Remediation - Ansible

- name: Gather the package facts
  package_facts:
    manager: auto
  tags:
  - DISA-STIG-RHEL-09-251015
  - NIST-800-171-3.1.3

Remediation - Puppet

include enable_firewalld

class enable_firewalld {
  service {'firewalld':
    enable => true,
    ensure => 'running',

Remediation - Shell Script

# Remediation is applicable only in certain platforms
if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && { rpm --quiet -q firewalld; }; then

SYSTEMCTL_EXEC='/usr/bin/systemctl'
"$SYSTEMCTL_EXEC" unmask 'firewalld.service'
"$SYSTEMCTL_EXEC" start 'firewalld.service'