OPNsense Forum

English Forums => 25.7, 25.10 Series => Topic started by: jonny5 on September 07, 2025, 08:05:37 PM

Title: Updating the Firewall Alias via API takes about 10 seconds to reconfigure
Post by: jonny5 on September 07, 2025, 08:05:37 PM
As the CrowdSec default firewall is only stopping incoming for items on the list, I wanted to upgrade how that feature worked, and honestly allow a few hosts I have to not be blocked by the firewall - an unfiltered host if you will.

So, I made my own "Hosts" based Firewall Alias, and have a Python script that will get the latest list and put it in there.

This took a little bit usually, and so I tried to see if I could thread the operation to increase speed. I might try to multi-process it next, as the dual send is about the fastest send (two sub lists, each about 30,000 items), and if there is a change I just update the whole sublist that changed and do a reconfigure.

Still, this takes too long at 10 seconds. The other kinds of aliases are interesting to me, such as Internal and External.

It would seem (and I did this too... but didn't understand how to 'reconfigure' or set the updates as active) that you can do it faster via pfctl via python, but, how do you reconfigure after updating a "Hosts" based Alias? Do the Internal or External Alias types not need a 'reconfigure' to have their populations be active in the rules that use them?

I'm fairly new to pf/FreeBSD so please do not take for granted anything I might 'should' or 'could' know, teach me!
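
The change detection described in the post (two sublists, resend only the one that changed), as an added example that is not the poster's script: each address is assigned to a sublist by a hash of the address rather than by its position in the feed, so one added or removed address touches only one sublist, and the plan lists the exact additions and removals. The function names, the shard count and the sample addresses are constructed for illustration; sending the plan to the firewall is left out.

```python
import hashlib
import ipaddress

def normalise(entries):
    """Return the set of valid, canonical IP strings; skip comments and junk."""
    out = set()
    for raw in entries:
        text = raw.strip()
        if not text or text.startswith("#"):
            continue
        try:
            out.add(str(ipaddress.ip_address(text)))
        except ValueError:
            continue  # not an IP address: never pass it on to the alias
    return out

def shard_of(entry, shard_count):
    """Stable shard index derived from the entry itself, not its list position."""
    digest = hashlib.sha256(entry.encode("ascii")).digest()
    return int.from_bytes(digest[:4], "big") % shard_count

def build_shards(entries, shard_count=2):
    """Split a feed into shard_count sets that are independent of feed order."""
    shards = [set() for _ in range(shard_count)]
    for entry in normalise(entries):
        shards[shard_of(entry, shard_count)].add(entry)
    return shards

def shard_digest(shard):
    """Fingerprint of one shard, used to decide whether it needs a resend."""
    return hashlib.sha256("\n".join(sorted(shard)).encode("ascii")).hexdigest()

def plan_update(previous, current):
    """Return (index, to_add, to_remove) for every shard whose content changed."""
    plan = []
    for index, (old, new) in enumerate(zip(previous, current)):
        if shard_digest(old) != shard_digest(new):
            plan.append((index, sorted(new - old), sorted(old - new)))
    return plan

# Constructed sample feeds (documentation address ranges only).
OLD_FEED = ["192.0.2.10", "198.51.100.7", "203.0.113.99", "2001:DB8::0001", "not-an-ip"]
NEW_FEED = ["203.0.113.99", "192.0.2.10", "2001:db8::1", "192.0.2.200"]

if __name__ == "__main__":
    for index, add, remove in plan_update(build_shards(OLD_FEED), build_shards(NEW_FEED)):
        print(f"sublist {index}: add {add} remove {remove}")
```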