Ensuring network security when iptables encounters an error on network startup

Solution Unverified - Updated -

Issue

  • If a fully qualified domain name is inserted into an IPTables ruleset without being evaluated into its constituent A records, IPTables will fail into an open state, with default ACCEPT policies for all chains.

Environment

  • Red Hat Enterprise Linux 5 or 6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In