diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 889b0073..beb07c0e 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -11633,15 +11633,15 @@ defense-evasion:
 prereq_command: |
 if [ ! -x "$(command -v iptables)" ]; then echo -e "\n***** iptables NOT installed *****\n"; exit 1; fi
 if ! echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo -e "\n***** this firewall rule is NOT activated *****\n***** activate it by executing \"iptables -A OUTPUT -p tcp --dport 21 -j DROP\" *****\n"; exit 1; fi
- get_prereq_command: 'echo ""
-
- '
+ get_prereq_command: |
+ iptables-save > /tmp/iptables.rules
+ if echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo "Rule found"; else echo "Rule not found. Setting it..."; iptables -A OUTPUT -p tcp --dport 21 -j DROP; fi
 executor:
 name: sh
 elevation_required: true
- command: |
- iptables-save > /tmp/iptables.rules
- iptables -D OUTPUT -p tcp --dport 21 -j DROP
+ command: 'iptables -D OUTPUT -p tcp --dport 21 -j DROP
+
+ '
 cleanup_command: 'iptables-restore < /tmp/iptables.rules
 '
diff --git a/atomics/Indexes/linux-index.yaml b/atomics/Indexes/linux-index.yaml
index cb8a3ffa..606ba08c 100644
--- a/atomics/Indexes/linux-index.yaml
+++ b/atomics/Indexes/linux-index.yaml
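Review bot: Moving `iptables-save > /tmp/iptables.rules` out of `command` and into `get_prereq_command` means the snapshot that `cleanup_command` restores is now only taken on the get-prereqs path, while `cleanup_command` still unconditionally runs `iptables-restore < /tmp/iptables.rules`. If the runner only executes `get_prereq_command` when `prereq_command` fails (which I believe is how the Atomic runner behaves), then on a host where the DROP rule already exists no fresh snapshot is written and cleanup either errors on a missing file or reloads a stale dump left by an earlier run, silently discarding any rules added in between. I would at least guard the restore and consume the snapshot so it cannot be reused, e.g. `[ -f /tmp/iptables.rules ] && iptables-restore < /tmp/iptables.rules && rm -f /tmp/iptables.rules`, or otherwise document in the test description that cleanup requires the get-prereqs step to have run. This index is presumably generated from the T1562.004 atomic YAML, so the change belongs in that source file rather than here.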
@@ -6789,15 +6789,15 @@ defense-evasion:
 prereq_command: |
 if [ ! -x "$(command -v iptables)" ]; then echo -e "\n***** iptables NOT installed *****\n"; exit 1; fi
 if ! echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo -e "\n***** this firewall rule is NOT activated *****\n***** activate it by executing \"iptables -A OUTPUT -p tcp --dport 21 -j DROP\" *****\n"; exit 1; fi
- get_prereq_command: 'echo ""
-
- '
+ get_prereq_command: |
+ iptables-save > /tmp/iptables.rules
+ if echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo "Rule found"; else echo "Rule not found. Setting it..."; iptables -A OUTPUT -p tcp --dport 21 -j DROP; fi
 executor:
 name: sh
 elevation_required: true
- command: |
- iptables-save > /tmp/iptables.rules
- iptables -D OUTPUT -p tcp --dport 21 -j DROP
+ command: 'iptables -D OUTPUT -p tcp --dport 21 -j DROP
+
+ '
 cleanup_command: 'iptables-restore < /tmp/iptables.rules
 '
diff --git a/atomics/T1562.004/T1562.004.md b/atomics/T1562.004/T1562.004.md
index 791c28d9..d88e3364 100644
--- a/atomics/T1562.004/T1562.004.md
+++ b/atomics/T1562.004/T1562.004.md
@@ -847,7 +847,6 @@ By doing so, they may cause less noise to avoid detection.
 ```sh
-iptables-save > /tmp/iptables.rules
 iptables -D OUTPUT -p tcp --dport 21 -j DROP
 ```
@@ -867,7 +866,8 @@ if ! echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo -e "\n***** thi
 ```
 ##### Get Prereq Commands:
 ```sh
-echo ""
+iptables-save > /tmp/iptables.rules
+if echo "$(iptables -L)" | grep -q "DROP .*dpt:ftp"; then echo "Rule found"; else echo "Rule not found. Setting it..."; iptables -A OUTPUT -p tcp --dport 21 -j DROP; fi
 ```
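Review bot: The new `get_prereq_command` has root write the complete firewall ruleset to the fixed, predictable path `/tmp/iptables.rules`, and the unchanged `cleanup_command` later feeds that same path to `iptables-restore`. Because `/tmp` is world-writable, any local user can pre-create that name (or, where `fs.protected_symlinks` is disabled, point a symlink at it) ahead of the elevated test run, and with a default umask the dump itself is world-readable, disclosing the host's firewall policy to unprivileged users. Since the path must stay stable for cleanup to find it, I would at least restrict the file before writing, e.g. `umask 077; iptables-save > /tmp/iptables.rules`, or better keep the snapshot under a root-only directory such as `/root` or `/var/tmp/<root-owned dir>`. This hunk is identical to the index.yaml one and presumably both are generated from the T1562.004 atomic YAML, so the fix should land in that source file.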