sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

boolean variable true/false

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2022-01-13 16:51:17 +00:00
parent 727095ca35
commit 54f4e0b4b8
No known key found for this signature in database
GPG key ID: F734FDFC154B83FB
26 changed files with 92 additions and 90 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tasks/section_3/cis_3.4.3.x.yml
View file

@ -44,7 +44,7 @@
shell: nft create table inet "{{ rhel9cis_nft_tables_tablename }}"
args:
warn: false
failed_when: no
failed_when: false
when: rhel9cis_nft_tables_autonewtable
when:
- rhel9cis_firewall == "nftables"
@ -96,7 +96,7 @@
shell: "{{ item }}"
args:
warn: false
failed_when: no
failed_when: false
with_items:
- nft create chain inet "{{ rhel9cis_nft_tables_tablename }}" input { type filter hook input priority 0 \; }
- nft create chain inet "{{ rhel9cis_nft_tables_tablename }}" forward { type filter hook forward priority 0 \; }
@ -294,7 +294,7 @@
- name: "3.4.3.7 | L1 | PATCH | Ensure nftables service is enabled | Check if nftables is enabled"
service:
name: nftables
enabled: yes
enabled: true
when:
- rhel9cis_firewall == "nftables"
- rhel9cis_rule_3_4_3_7