Date: Sun, 30 Sep 2012 14:50:15 -0400
From: Shawn Wells <shawn@redhat.com>
To: scap-security-guide@lists.fedorahosted.org
Subject: Re: [PATCH] Fixed typo in example iptables network/netmask
pair for limiting ssh port to trusted networks.
Message-ID: <50689467.5000400@redhat.com>
Content-Type: text/plain; charset=UTF-8; format=flowed

On 9/28/12 1:21 PM, Andrew Gilmore wrote:
> -<pre>-A RH-Firewall-1-INPUT -s netwk /mask -m state --state NEW -p tcp --dport 22 -j ACCEPT</pre>
> +<pre>-A RH-Firewall-1-INPUT -s netwk/mask -m state --state NEW -p tcp --dport 22 -j ACCEPT</pre>

Thanks for the catch! Ack

Please push (or indicate you need someone to do so for you).

I don't have write access, this patch was mostly a drive by.

Please push.

My agency is attempting to STIG a CentOS 6 image themselves, and I both don't have time to wait, and thought someone else was probably doing it. I'm glad you all are, but seems like you're months out as well from production release. I know, I know, it is done when it is done. :)

I should probably introduce myself, as well.

I work for a Dept. of Interior agency on databases and hydrology, but sometimes dabble here and there. :) I have contributed to the CIS benchmarks for RHEL 5 and 6, and have all of two lines of code in the linux kernel. :)

Thanks,

Andrew