From c4bdfcc89723d5bc11e4d5c4a5ef6ad7a2b96702 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Fri, 13 Feb 2026 08:46:24 -0800 Subject: [PATCH] proxies: block a ip that was hitting release-monitoring.org a lot This ip had hit release-monitoring.org like 5,000,000 times in the course of a few hours and swamped it's web pod. Lets block it for now and see if anyone complains. If this is you: please add some rate limiting. Signed-off-by: Kevin Fenzi --- inventory/group_vars/proxies | 1 + 1 file changed, 1 insertion(+) diff --git a/inventory/group_vars/proxies b/inventory/group_vars/proxies index 9577a126fe..48354ae605 100644 --- a/inventory/group_vars/proxies +++ b/inventory/group_vars/proxies @@ -84,6 +84,7 @@ nft_block_rules: - 'add rule ip filter INPUT ip saddr 101.47.184.0/21 counter reject' - 'add rule ip filter INPUT ip saddr 101.47.185.0/24 counter reject' - 'add rule ip filter INPUT ip saddr 101.47.186.0/23 counter reject' + - 'add rule ip filter INPUT ip saddr 34.159.191.146/32 counter reject' nft_custom_rules: # Need for rsync from log01 for logs. - 'add rule ip filter INPUT ip saddr 10.16.163.39 tcp dport 873 counter accept'