GitLab will be upgraded on 17-March-2025 between 12:00 and 14:00. There may be small periods of service instability.
The issue was that the firewall rules were being inserted below a rule that dropped all traffic. Here is a snippet from iptables-save.
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -j firewallgen_inputBy always inserting this beginning of the chain, we ensure that the rules in this chain always take precedence.