sr2/RHEL9-CIS
4
0
Fork 0
forked from ansible-lockdown/RHEL9-CIS
Code Activity

Update Changelog with fixes

Browse source 
Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>
This commit is contained in:
Frederick Witty 2025-09-02 17:14:30 -04:00
parent 39c7dfa187
commit de7555aa10
No known key found for this signature in database
GPG key ID: D29987C25A47D813
4 changed files with 12 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tasks/section_4/cis_4.3.x.yml
View file

@ -81,7 +81,7 @@
register: discovered_nftables_inconnectionrule
- name: "4.3.2 | AUDIT | Ensure nftables established connections are configured | Gather outbound connection rules"
ansible.builtin.command: nft list ruleset | awk '/hook output/,/}/' | grep -E 'ip protocol (tcp|udp|icmp) ct state'
ansible.builtin.shell: nft list ruleset | awk '/hook output/,/}/' | grep -E 'ip protocol (tcp|udp|icmp) ct state'
changed_when: false
failed_when: false
register: discovered_nftables_outconnectionrule