diff --git a/roles/base/templates/iptables/ip6tables b/roles/base/templates/iptables/ip6tables
index e3dba2ac03..49db2f7851 100644
--- a/roles/base/templates/iptables/ip6tables
+++ b/roles/base/templates/iptables/ip6tables
@@ -20,12 +20,6 @@
 # allow ssh - always
 -A INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
 
-{% if inventory_hostname in groups['proxies'] %}
-{% for friend in friends6 %}
--A INPUT --src {{ friend }} -j DROP
-{% endfor %}
-{% endif %}
-
 # if the host/group defines incoming tcp_ports - allow them
 {% if tcp_ports is defined %}
 {% for port in tcp_ports %}
diff --git a/roles/base/templates/iptables/iptables b/roles/base/templates/iptables/iptables
index cf49cdf411..4e42a834d0 100644
--- a/roles/base/templates/iptables/iptables
+++ b/roles/base/templates/iptables/iptables
@@ -24,12 +24,6 @@
 -A INPUT -p tcp -m tcp --dport 5666 -s 209.132.181.35 -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
 
-{% if inventory_hostname in groups['proxies'] %}
-{% for friend in friends4 %}
--A INPUT --src {{ friend }} -j DROP
-{% endfor %}
-{% endif %}
-
 {% if env != 'staging' and datacenter == 'phx2' and inventory_hostname not in groups['staging-friendly'] %}
 #
 # In the phx2 datacenter, both production and staging hosts are in the same
diff --git a/roles/base/templates/iptables/iptables.osuosl b/roles/base/templates/iptables/iptables.osuosl
index 102ee7c394..9efba777f6 100644
--- a/roles/base/templates/iptables/iptables.osuosl
+++ b/roles/base/templates/iptables/iptables.osuosl
@@ -29,12 +29,6 @@
 -A INPUT -p tcp -m tcp --dport 5666 -s 209.132.181.35 -j ACCEPT
 -A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
 
-{% if inventory_hostname in groups['proxies'] %}
-{% for friend in friends4 %}
--A INPUT --src {{ friend }} -j DROP
-{% endfor %}
-{% endif %}
-
 # if the host/group defines incoming tcp_ports - allow them
 {% if tcp_ports is defined %}
 {% for port in tcp_ports %}