rarias/jungle
2
0
Fork 3
Code Issues 58 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

Compare commits

base: rarias:a57ee60342f1c31cb05d1dd2def2885bd5ce7c68
Branches Tags
rarias:master rarias:add-ssanzmar rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib
...
compare: rarias:f187b2b39ed3bf6d2ce8a123a32f8b758c31b198
Branches Tags
rarias:add-ssanzmar rarias:master rarias:enableStrictDeps rarias:fox-regression rarias:pkgs/tacuda rarias:pkgs/tasycl rarias:robust-fetchGit rarias:old-master rarias:gitea-lfs rarias:only-restart-logins rarias:monitor-gpfs-home rarias:add-tent-machine rarias:m/raccoon rarias:add-fpga-u280 rarias:maintenance-purchase rarias:add-fox-machine rarias:share-files rarias:shared-nix-store rarias:intro-nix rarias:lake2-ipoib

1 Commits
a57ee60342 ... f187b2b39e

Author SHA1 Message Date
Rodrigo Arias Mallo
f187b2b39e Silently ban OpenVAS BSC scanner from apex 
It is spamming our logs with refused connection lines:

  apex% sudo journalctl -b0 | grep 'refused connection.*SRC=192.168.8.16' | wc -l
  13945
 2025-07-15 17:27:49 +02:00
1 changed files with 8 additions and 0 deletions
Expand all files Collapse all files

8
m/apex/configuration.nix
View File

@@ -65,6 +65,14 @@
ProxyJump raccoon
'';
networking.firewall = {
extraCommands = ''
# Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our
# logs. Insert as first position so we also protect SSH.
iptables -I nixos-fw 1 -p tcp -s 192.168.8.16 -j nixos-fw-refuse
'';
};
# Use tent for cache
nix.settings = {
extra-substituters = [ "https://jungle.bsc.es/cache" ];