Ensure iptables Service Is Enabled and Active : iCompaas Support

Profile Applicability:
• Level 1

Description:
The iptables service manages firewall rules on Linux systems. Ensuring that the iptables service is enabled and actively running guarantees that firewall policies are enforced consistently across reboots, protecting the system from unauthorized network traffic.

Rationale:
Enabling and running the iptables service ensures continuous firewall protection and consistent application of security policies.

Impact:
Pros:

Provides continuous firewall enforcement.
Supports stateful firewall operation and network security.

Cons:

Requires proper rule configuration to be effective.

Default Value:
The iptables service may be installed but not enabled or running by default on some systems.

Pre-requisites:

Root or sudo privileges to manage system services.

Remediation:

Test Plan:

Using Linux command line:

1. Check if iptables service is enabled:

systemctl is-enabled iptables

2. Check if iptables service is active:

systemctl is-active iptables

Implementation Plan:

Using Linux command line:

1. Enable the iptables service:

systemctl enable iptables

2. Start the iptables service:

systemctl start iptables

3. Verify the service status:

systemctl is-enabled iptables  
systemctl is-active iptables

Backout Plan:

Using Linux command line:

1. Disable the iptables service if necessary:

systemctl disable iptables

2. Stop the iptables service:

systemctl stop iptables

3. Verify the service status.

References:

CIS Amazon Linux 2 Benchmark v3.0.0
iptables Documentation
Systemd Service Management

Ensure iptables Service Is Enabled and Active Print

Test Plan:

Implementation Plan:

Backout Plan:

Related Articles