I spent a few years at a startup and answered many support tickets. My favorite people were those that would break things, and then get irate that you were "asking questions and not solving problems."
One great example was an admin that claimed our software wasn't working properly. After some prompting, he let me know that things were timing out with symptoms that matched an inability to contact the database server. I asked if they'd changed anything on their end, and the answer was "no". Trying to dig in further just made him more irate.
After several more minutes of me asking questions and him getting increasingly mad, he proudly announced that he solved the problem. When I asked him how, he said that he turned off the firewall. I then asked if they'd changed anything on the firewall recently that could have affected the connection between server and DB, and he said no there were no changes. When I pressed to ask if he was sure, he responded that there couldn't have been any changes because they'd just installed the firewall earlier in the day.
I took a deep breath, told him I was happy his issue was resolved, and wished him a great day. I then took a break from going through the support escalation queue.
"...so I went and pushed the reset button on the server, and tried reloading, and it still didn't work. So I unplugged it and replugged it; and now it wont do anything."
Better yet: I had a call to "come replace a desktop system" that someone had been complaining about for a while. they'd opened the case and stomped on the innards a few times.
Which wouldn't have been a thing but for the fact this was the sub-server for the Layout Dept's "Mac network" they insisted on having. It wasn't a good desktop because it was running fileserver and proxy and who knows what else for several others too... until it got stomped.
The reason the machine had been there? They insisted on having their network all in office and "under their control". This server was up as a terminal with web browser etc on it because "there's no point in having a computer sitting here useless!" and it gave the Dept head a good feeling to have it on his desk.
Even got to ask "Had you been taking backups?" They hadn't.
Although I agree that some people shouldn't have an access to the machine room, this anecdote was caused due to the author's fault. It isn't reasonable to suspect that problem is with your machine when you can connect to one box in your network no problem and can't to another. That iptables rule shouldn't have stayed there so long - you can set cron to send yourself a monthly reminder whether the rule is still needed. So what really happened: "sysadmin" is causing their users problems and then makes pikachu face when users try to solve them when sysadmin isn't around.
I agree, both 'sides' to this story share a little responsibility
You would think someone watching logs so diligently would also note the counters for dropped packets ceasing, and probably look to remove the rule
Because well, they use DHCP. Those IPs by very nature of that environment are not static.. so rules dropping them shouldn't be either.
Maybe just accept that services get unwanted traffic and QoS and structured logs exist for a reason. This is like early optimization, good intentions leading to holes in feet.
I can look past it though for benefit of the story.
The person flipping power had far more reasonable options at their disposal... Though I doubt they would expect a problem specifically with their source IP - a bit rigged
One great example was an admin that claimed our software wasn't working properly. After some prompting, he let me know that things were timing out with symptoms that matched an inability to contact the database server. I asked if they'd changed anything on their end, and the answer was "no". Trying to dig in further just made him more irate.
After several more minutes of me asking questions and him getting increasingly mad, he proudly announced that he solved the problem. When I asked him how, he said that he turned off the firewall. I then asked if they'd changed anything on the firewall recently that could have affected the connection between server and DB, and he said no there were no changes. When I pressed to ask if he was sure, he responded that there couldn't have been any changes because they'd just installed the firewall earlier in the day.
I took a deep breath, told him I was happy his issue was resolved, and wished him a great day. I then took a break from going through the support escalation queue.