From 0a5358665eb24fa5cab6c8556e25329e00c89316 Mon Sep 17 00:00:00 2001
From: Abubakr-Sadik Nii Nai Davis <dwa2pac@gmail.com>
Date: Wed, 7 Nov 2018 23:57:38 +0000
Subject: [PATCH] By default --make-iptables-util-chain is true, so PASS if
 this flag is not set.

---
 cfg/1.11/node.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cfg/1.11/node.yaml b/cfg/1.11/node.yaml
index 66e8c5c..2675601 100644
--- a/cfg/1.11/node.yaml
+++ b/cfg/1.11/node.yaml
@@ -164,6 +164,8 @@ groups:
           op: eq
           value: true
         set: true
+      - flag: "--make-iptables-util-chains"
+        set: false
     remediation: |
       If using a Kubelet config file, edit the file to set makeIPTablesUtilChains: true .
       If using command line arguments, edit the kubelet service file
-- 
GitLab