{"description": "The <code>iptables-services</code> package can be removed with the following command:\n<pre>\n$ apt-get remove iptables-services</pre>", "rationale": "<tt>iptables-services</tt> provides the services iptables and ip6tables that have been split\nout of the base package since they are not active by default anymore. These services load the\niptables rules during the system startup and also allow one to reload the iptables rules\nduring runtime. Those iptables services conflicts with firewalld so they should be removed if\nfirewalld is used.", "severity": "medium", "references": {}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the iptables-services package is installed", "ocil": " Run the following command to determine if the <code>iptables-services</code> package is installed: <pre>$ dpkg -l  iptables-services</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": "package[iptables]", "platforms": ["package[iptables]"], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": ["package_iptables"], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Remove iptables-services Package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-iptables/package_iptables-services_removed/rule.yml", "template": {"name": "package_removed", "vars": {"pkgname": "iptables-services"}, "backends": {}}}