Summary
By default, the installed Deep Security Agent (DSA) disables the iptables.
Know the workaround to prevent DSA from disabling iptables, and allow DSA to support the iptables firewall.
Details
As a workaround:
- Make sure you are running the following product builds or higher:
- DSA 8.0 build 2151
- DSA 9.0 build 2008
- Run the following touch commands to leave the iptables rules intact and confirm that the use_dsa_with_iptables file exists.
[root@RedHat6 sysconfig]# touch /etc/use_dsa_with_iptables
[root@RedHat6 sysconfig]# cd /etc
[root@RedHat6 etc]# ls use_dsa_with_iptables
use_dsa_with_iptables
The DSA will no longer disable the iptables when the use_dsa_with_iptables file exists.