From 37e2065bc7abc9c35252aa705022b13f6a8b730c Mon Sep 17 00:00:00 2001
From: samson <sccxboy@gmail.com>
Date: Thu, 29 Nov 2018 02:10:17 +0800
Subject: [PATCH] Add check item to auditd config.

---
 docs/examples/configurations/etc.audit.rules.d.audit.rules | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/examples/configurations/etc.audit.rules.d.audit.rules b/docs/examples/configurations/etc.audit.rules.d.audit.rules
index c5f56b0..5aeeb67 100644
--- a/docs/examples/configurations/etc.audit.rules.d.audit.rules
+++ b/docs/examples/configurations/etc.audit.rules.d.audit.rules
@@ -90,3 +90,6 @@
 -w /etc/profile -p wa -k config_file_change
 -w /etc/profile.d/ -p wa -k config_file_change
 -w /etc/security/ -p wa -k config_file_change
+-w /etc/iptables/ -p wa -k config_file_change
+-w /etc/sysctl.conf -p wa -k config_file_change
+