[daily-firewall-report] Daily Firewall Report - 2026-04-08

[github-actions[bot]]

📊 Executive Summary

This report covers firewall activity across all agentic workflows in the github/gh-aw repository for April 8, 2026. A total of 30 firewall-enabled workflow runs were analyzed, generating 626 total network requests. The overall block rate is low at 2.9% (18 blocked out of 626 total), with blocking concentrated in 3 workflows running the Codex engine — all attempting to reach ChatGPT domains (chatgpt.com, ab.chatgpt.com) that are not in any allowed-domain list.

A notable finding is that the Changeset Generator workflow also attempted to reach github.com and api.github.com directly, which were blocked because its allowed-domains config (defaults, node, go) does not include the github preset — this is a misconfiguration that may impair functionality.

---

📈 Firewall Activity Trends

Request Patterns

The majority of network traffic is legitimate and allowed. The heaviest consumers are the Daily Community Attribution Updater (167 requests), Glossary Maintainer (124), and Daily Go Function Namer / Daily Testify Uber Super Expert (80 each). The three workflows with blocked traffic — Changeset Generator, Smoke Codex, and AI Moderator — are all running the Codex engine.

Top Blocked Domains

ChatGPT-related domains dominate the blocked list, accounting for 13 of 18 blocked requests (72%). These appear to be telemetry or home-call requests initiated by the Codex engine itself rather than intentional workflow actions. The 5 GitHub-related blocks in Changeset Generator are a separate misconfiguration issue.

---

📋 Key Metrics

Metric	Value
🔥 Workflows analyzed	30
📡 Total network requests	626
✅ Allowed requests	608
🚫 Blocked requests	18
📊 Block rate	2.9%
🌐 Unique blocked domains	5
🗓️ Analysis period	Last 7 days (today: April 8, 2026)

---

🚫 Top Blocked Domains

Domain	Blocks	Category	Workflows Affected
ab.chatgpt.com	10	AI/ChatGPT Telemetry	Changeset Generator, Smoke Codex, AI Moderator
chatgpt.com	3	AI/ChatGPT	Changeset Generator, Smoke Codex, AI Moderator
github.com	3	Development	Changeset Generator
api.github.com	1	Development	Changeset Generator
codeload.github.com	1	Development	Changeset Generator

---

🛡️ Policy Rule Attribution

Policy Configuration (from analyzed runs): 6 rules, SSL Bump disabled, DLP disabled

Rule	Action	Description
deny-unsafe-ports	🔴 deny	Deny requests to ports not in Safe_ports ACL
deny-connect-unsafe-ports	🔴 deny	Deny CONNECT to unsafe ports
deny-raw-ipv4	🔴 deny	Deny requests to raw IPv4 addresses
deny-raw-ipv6	🔴 deny	Deny requests to raw IPv6 addresses
allow-both-plain	🟢 allow	Allow HTTP/HTTPS traffic to allowlisted domains
deny-default	🔴 deny	Default deny — all other traffic

All 18 blocked requests matched the deny-default rule (domains not in any allow list). There were no unsafe-port or raw IP access attempts.

Rule Effectiveness: The deny-default rule is doing all the blocking work, catching both the Codex engine telemetry calls and the GitHub misconfiguration. The allow-both-plain rule handles all legitimate traffic. The deny-raw-ipv4/deny-raw-ipv6 rules had zero hits today — indicating no bypass attempts.

---

View Detailed Request Patterns by Workflow

Workflow: Changeset Generator (run 24120376708) — Codex engine

Domain	Allowed	Blocked	Block Rate
registry.npmjs.org	15	0	0%
proxy.golang.org	6	0	0%
ab.chatgpt.com	0	5	100%
github.com	0	3	100%
api.openai.com	1	0	0%
storage.googleapis.com	1	0	0%
chatgpt.com	0	1	100%
api.github.com	0	1	100%
codeload.github.com	0	1	100%

• Allowed domains config: defaults, node, go (missing github preset)
• Total blocked: 11 | Total allowed: 23

Workflow: Smoke Codex (run 24120376714) — Codex engine

Domain	Allowed	Blocked	Block Rate
github.com	2	0	0%
ab.chatgpt.com	0	4	100%
proxy.golang.org	1	0	0%
api.openai.com	1	0	0%
storage.googleapis.com	1	0	0%
chatgpt.com	0	1	100%

• Allowed domains config: defaults, github, playwright
• Total blocked: 5 | Total allowed: 5

Workflow: AI Moderator (run 24122554196) — Codex engine

Domain	Allowed	Blocked	Block Rate
github.com	2	0	0%
api.openai.com	1	0	0%
chatgpt.com	0	1	100%
ab.chatgpt.com	0	1	100%

• Allowed domains config: defaults, github
• Total blocked: 2 | Total allowed: 21

View Complete Blocked Domains List (Alphabetical)

Domain	Total Blocks	Category	Workflows
ab.chatgpt.com	10	AI/ChatGPT Telemetry	Changeset Generator, Smoke Codex, AI Moderator
api.github.com	1	Development	Changeset Generator
chatgpt.com	3	AI/ChatGPT	Changeset Generator, Smoke Codex, AI Moderator
codeload.github.com	1	Development	Changeset Generator
github.com	3	Development	Changeset Generator

---

💡 Security Recommendations

1. 🔧 Fix Changeset Generator allowed-domains configuration — The workflow uses ['defaults', 'node', 'go'] but is attempting to access github.com, api.github.com, and codeload.github.com. Since this workflow likely needs GitHub access for changeset operations, the github preset should be added to its allowed_domains config. This is a functionality issue, not just a security one.

2. 🔍 Investigate Codex engine ChatGPT telemetry — All three Codex-engine workflows (Changeset Generator, Smoke Codex, AI Moderator) attempt to connect to ab.chatgpt.com and chatgpt.com. These appear to be background telemetry or home-call requests from the Codex model runtime. Since chatgpt.com is not an OpenAI API domain (unlike api.openai.com, which is allowed and working), these calls appear to be analytics beacons. No action needed from a security perspective — the firewall is correctly blocking these. Monitor for increases in frequency.

3. ✅ All GitHub domain blocks are misconfiguration — The github.com, api.github.com, and codeload.github.com blocks are not security concerns; they are configuration issues in Changeset Generator. The github preset should be added.

4. 📊 Zero unsafe-port or IP-bypass attempts — No workflow attempted to connect to raw IP addresses or non-standard ports, indicating no active evasion attempts. The protective rules (deny-raw-ipv4, deny-raw-ipv6, deny-unsafe-ports) had zero hits.

5. 🟡 27 of 30 runs produced zero blocked requests — Most workflows are operating cleanly within their network permissions. Only Codex-engine workflows are generating blocked requests, all from the same pattern.

---

References:

• §24120376708 — Changeset Generator (11 blocked)
• §24120376714 — Smoke Codex (5 blocked)
• §24122554196 — AI Moderator (2 blocked)

Generated by Daily Firewall Logs Collector and Reporter · ● 2M · ◷

• expires on Apr 11, 2026, 11:58 AM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Daily Firewall Logs Collector and Reporter.

A newer discussion is available at Discussion #25632.