WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

proxies: block a few more nets

Browse Source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi
2025-06-28 17:07:23 -07:00
parent da58790976
commit 46e93ae29b
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
inventory/group_vars/proxies
View File

@@ -61,6 +61,8 @@ nft_block_rules:
- 'add rule ip filter INPUT ip saddr 47.235.0.0/16 counter reject'
- 'add rule ip filter INPUT ip saddr 47.240.0.0/14 counter reject'
- 'add rule ip filter INPUT ip saddr 47.244.0.0/15 counter reject'
- 'add rule ip filter INPUT ip saddr 152.53.36.0/24 counter reject'
- 'add rule ip filter INPUT ip saddr 66.249.69.0/24 counter reject'
nft_custom_rules:
# Need for rsync from log01 for logs.
- 'add rule ip filter INPUT ip saddr 10.3.163.39 tcp dport 873 counter accept'