From e7119e1fd11ee693828ef4090e8cf6bebf1bc538 Mon Sep 17 00:00:00 2001
From: David Noland <dnoland@rancher.com>
Date: Wed, 23 Oct 2019 21:49:06 -0700
Subject: [PATCH] Applied same fix for 2.1 and 2.2.

---
 content/rancher/v2.x/en/security/hardening-2.1/_index.md | 4 ++--
 content/rancher/v2.x/en/security/hardening-2.2/_index.md | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/content/rancher/v2.x/en/security/hardening-2.1/_index.md b/content/rancher/v2.x/en/security/hardening-2.1/_index.md
index 07c9338593a..e525794f055 100644
--- a/content/rancher/v2.x/en/security/hardening-2.1/_index.md
+++ b/content/rancher/v2.x/en/security/hardening-2.1/_index.md
@@ -366,8 +366,8 @@ To pass the following controls in the CIS benchmark, ensure the appropriate flag
 Inspect the Kubelet containers on all hosts and verify that they are running with the following options:
 
 - `--streaming-connection-idle-timeout=<duration greater than 0>`
-- `--protect-kernel-defaults=false`
-- `--make-iptables-util-chains=false`
+- `--protect-kernel-defaults=true`
+- `--make-iptables-util-chains=true`
 - `--event-qps=0`
 
 **Remediation**
diff --git a/content/rancher/v2.x/en/security/hardening-2.2/_index.md b/content/rancher/v2.x/en/security/hardening-2.2/_index.md
index 2f73b7c0be2..f6d24831f25 100644
--- a/content/rancher/v2.x/en/security/hardening-2.2/_index.md
+++ b/content/rancher/v2.x/en/security/hardening-2.2/_index.md
@@ -385,8 +385,8 @@ Inspect the Kubelet containers on all hosts and verify that they are running wit
 
 - `--streaming-connection-idle-timeout=<duration greater than 0>`
 - `--authorization-mode=Webhook`
-- `--protect-kernel-defaults=false`
-- `--make-iptables-util-chains=false`
+- `--protect-kernel-defaults=true`
+- `--make-iptables-util-chains=true`
 - `--event-qps=0`
 - `--anonymous-auth=false`
 - `--feature-gates="RotateKubeletServerCertificate=true"`