Area: Admin plane (audit p12) · Surface: GET /admin/iptables (legacy, removed) · Dimension: dead-code · Severity: minor
The /iptables surface is now owned by the separate AdminIptablesController (route GET /iptables → AdminIptablesController@index at routes.php:1896, rendering templates/admin/iptables/index.php). The old AdminSecurityController::iptables() method and its private helper readIptablesSnapshot() (AdminSecurityController.php:266) are no longer reachable by any route or internal call — pure dead code left behind by the 2026-05-30 redesign.
Evidence
routes.php:1705-1707 documents removal: "The legacy /iptables route (AdminSecurityController@iptables) was removed 2026-05-30." The public method still exists: platform/src/Controllers/AdminSecurityController.php:128 `public function iptables(): void`. Grep proof of zero live route + zero inbound call:
$ grep -nE 'AdminSecurityController@iptables' src/routes.php | grep -vE 'NOTE|legacy|removed' → (empty)
$ grep -rn 'iptables(' src/ | grep -v 'readIptablesSnapshot' | grep -v 'AdminSecurityController.php:128' → (empty)
Suggested fix. Delete AdminSecurityController::iptables() (line 128) and the now-unused private readIptablesSnapshot() helper (line 266), and remove the stale legacy-route comment block at routes.php:1705-1707.
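The two greps in the evidence match only the `Controller@method` route string and a bare `iptables(` call. As an added example (not part of the audit record or the project's code), the shell function below widens that check to array-callable routes and `->` / `::` calls and skips comment-only lines, so it can be run before the deletion and kept as a regression check. The router syntax and the sample files are constructed assumptions.

```shell
# Added example. Usage: refs_to_method <src_dir> <Class> <method>
# Prints remaining references; returns 0 when none are found, 1 otherwise.
refs_to_method() {
    src=$1 class=$2 method=$3
    # Shapes checked: route string Class@method, calls ->method( / ::method(,
    # and array callables [Class::class, 'method']. The call match is by method
    # name only, so it errs toward reporting a reference.
    pat="${class}@${method}([^A-Za-z0-9_]|\$)"
    pat="$pat|(->|::)${method}[[:space:]]*\\("
    pat="$pat|${class}::class,[[:space:]]*['\"]${method}['\"]"
    hits=$(grep -rnE --include='*.php' -e "$pat" "$src" |
        grep -vE '^[^:]+:[0-9]+:[[:space:]]*(//|#|/?\*)' || true)  # drop comment-only lines
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Constructed sample tree (not the audited code base; router syntax is assumed):
# a removed route surviving only as a comment, plus live routes in both styles.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/routes.php" <<'EOF'
<?php
// NOTE: The legacy /iptables route (AdminSecurityController@iptables) was removed.
$router->get('/iptables', 'AdminIptablesController@index');
$router->get('/admin/security', [AdminSecurityController::class, 'overview']);
EOF
    cat > "$d/AdminSecurityController.php" <<'EOF'
<?php
class AdminSecurityController {
    public function overview(): void {}
    public function iptables(): void { $this->readIptablesSnapshot(); }
    private function readIptablesSnapshot(): array { return []; }
}
EOF
    printf '%s\n' "$d"
}

# Demo run on the constructed tree.
d=$(make_sample)
refs_to_method "$d" AdminSecurityController iptables && echo "iptables(): no live references"
refs_to_method "$d" AdminSecurityController readIptablesSnapshot || echo "helper: still referenced (by the dead method)"
rm -rf "$d"
```

On the sample, the helper is still reported as referenced because its only caller is the dead method itself, so it has to be deleted in the same change as `iptables()`.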
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus