diff --git a/defaults/main.yml b/defaults/main.yml
index f3388421..89a4a880 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -541,12 +541,6 @@ ubtu22cis_ufw_allow_out_ports:
 # nftables configs are applied to
 # ubtu22cis_nftables_table_name: "inet filter"
 
-# Controls 3.5.3.2.1 through 3.5.3.3.4
-# The iptables module only writes to memory which means a reboot could revert settings
-# The below toggle will install iptables-persistent and save the rules in memory (/etc/iptables/rules.v4 or rules.v6)
-# This makes the CIS role changes permenant and is managed via a handler
-ubtu22cis_save_iptables_cis_rules: true
-
 # Section 4 Control Variables
 # Control 4.1.1.4
 # ubtu22cis_audit_back_log_limit is the audit_back_log limit and should be set to a sufficient value