From 37e2d34eb6cd693ff293ea26e1a549be395efbec Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Tue, 30 Dec 2025 08:58:11 -0800 Subject: [PATCH] proxies: block IP attempting SQL injections on openQA (prod) My staging effort seems to have worked, so let's do prod too. Signed-off-by: Adam Williamson --- inventory/group_vars/proxies | 1 + 1 file changed, 1 insertion(+) diff --git a/inventory/group_vars/proxies b/inventory/group_vars/proxies index 38651e79de..a5e8a13ae4 100644 --- a/inventory/group_vars/proxies +++ b/inventory/group_vars/proxies @@ -65,6 +65,7 @@ nft_block_rules: - 'add rule ip filter INPUT ip saddr 66.249.69.0/24 counter reject' - 'add rule ip filter INPUT ip saddr 159.138.218.0/24 counter reject' - 'add rule ip filter INPUT ip saddr 188.75.180.46/32 counter reject' + - 'add rule ip filter INPUT ip saddr 2.57.121.144/32 counter reject' nft_custom_rules: # Need for rsync from log01 for logs. - 'add rule ip filter INPUT ip saddr 10.16.163.39 tcp dport 873 counter accept'