Open mdc-git opened 3 years ago
Hi! Even if an IP gets denied after deleting a server, it will be allowed again once the server with that IP is back in the project. It seemed to work during my testing. Not sure why it's not working as expected for you. Weird
Might be timing. I was provisioning in very rapid succession over different datacenters.
Yeah, it's possible :)
But nevertheless just removing the old rules makes more sense than getting a big list of denies.
Might be me, but as far as I can tell the DENY rules introduced with update-config.sh are never cleaned up. With Hetzner giving you the same exact external IP on some machines if you delete and recreate a cluster quickly you might run into issues.
In my case I couldn't install an app from an external repo.
There was a DENY entry but I don't recall which machine. Wiped the rules, reapplied the inital version of the rules from setup.sh and ran update-config.sh again and everything was fine.
To finally solve the issue for me I changed
deny
todelete allow
which should accomplish the same job as the default INPUT policy is DROP according toiptables -L
I also chose to use the private network and only whitelisted 127.0.0.1 which seems to work ok by now.
changed to
This should remove the previously whitelisted entries. No?