There's a comment I made on the plugins pull but I thought I would share here too:
https://github.com/opnsense/plugins/pull/2945
It would possibly be even better to allow us to select which auto rules get created instead of having to accept all or none, but if in the CrowdSec plugin we could get this option that would be acceptable.
That said, my intent here is to keep all of the rest of the functionality - so, I want the two aliases to be kept up to date by the plugin - I want to create my own rule to use those aliases but do not want the 'auto rule' getting in the way as it isn't deployed where or how I would want it.
The default rule only blocks in as a source, and does not block as a destination. Might be paranoid, but, I prefer to not even reach out to the badness as well. Further, I have a few hosts that I do not want to filter the traffic this way for, and want to let them interact with the IPs if they are on the CrowdSec blocklist or not.
Certainly interested to hear feedback on the idea/methods to help build it/how to get started.
Thank you all for all you do, I'd like to help but am a little inexperienced to take such a large bite.