CrowdSec

Started by Georges, November 20, 2020, 06:53:44 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4
User actions
January 31, 2022, 08:13:28 AM #30
"misconfigured" means the plugin was installed by console and was not registered in the config.xml. As long as there is no upstream repo for it that situation will be normal but not affect operation at all (same as "orphaned").


Cheers,
Franco
February 05, 2022, 12:40:29 AM #31
Quote from: zz00mm on January 31, 2022, 12:45:13 AM
Crowdsec has been installed, what should be done with the message that v1.3 is available?
I'm wondering the same thing. There's no binary for it I can find in github and the instructions that I can find don't include updates, which I find odd. Early days I suppose.
February 12, 2022, 04:33:39 PM #32
firewall has been updated to build 005 which contains v1.3 of the crowdsec engine. The crowdsec portal has updated itself and shows the correct versions.
February 12, 2022, 10:14:16 PM #33
thanks for posting, yes a new version is available now.
March 04, 2022, 08:27:40 PM #34
March 07, 2022, 03:57:12 PM #35
Would someone elaborate on the Zenarmor/Suricata and Crowdsec? should all of them be used all together/separate or not at all?
April 29, 2022, 08:07:38 AM #36
you can run them together if you like and build some multi layer of protection.
For those who also want to start with crowdsec but don't know how, I just found a nicely written guide for you:
https://homenetworkguy.com/how-to/install-and-configure-crowdsec-on-opnsense/
April 30, 2022, 08:59:39 PM #37 Last Edit: April 30, 2022, 09:32:41 PM by hushcoden
Sorry if I'm missing something obvious, but I just installed it and the two aliases crowdsec_blacklists and crowdsec6_blacklists are empty ?

I thought they'd contain the URLs where they'd take the bad IPs from ?
April 30, 2022, 09:48:19 PM #38
Also, just noticed in system -> firmware the cowdsec plugin is listed as misconfigured - but I didn't errors during the installation, any suggestions?

Tia.
May 01, 2022, 12:15:37 AM #39 Last Edit: May 01, 2022, 12:17:29 AM by cookiemonster
Quote from: hushcoden on April 30, 2022, 09:48:19 PM
Also, just noticed in system -> firmware the cowdsec plugin is listed as misconfigured - but I didn't errors during the installation, any suggestions?

Tia.
Quote from: franco on January 31, 2022, 08:13:28 AM
"misconfigured" means the plugin was installed by console and was not registered in the config.xml. As long as there is no upstream repo for it that situation will be normal but not affect operation at all (same as "orphaned").


Cheers,
Franco
May 01, 2022, 12:21:47 AM #40
Quote from: hushcoden on April 30, 2022, 08:59:39 PM
Sorry if I'm missing something obvious, but I just installed it and the two aliases crowdsec_blacklists and crowdsec6_blacklists are empty ?

I thought they'd contain the URLs where they'd take the bad IPs from ?
It looks like they get pulled every two hours by default according to the "Alerts" tab on the plugin UI. I don't remember if they got populated immediately at installation time though. I'd give it a little time, like two hours max or check the docs.
May 05, 2022, 09:39:59 PM #41
Quote from: cookiemonster on May 01, 2022, 12:21:47 AM
Quote from: hushcoden on April 30, 2022, 08:59:39 PM
Sorry if I'm missing something obvious, but I just installed it and the two aliases crowdsec_blacklists and crowdsec6_blacklists are empty ?

I thought they'd contain the URLs where they'd take the bad IPs from ?
It looks like they get pulled every two hours by default according to the "Alerts" tab on the plugin UI. I don't remember if they got populated immediately at installation time though. I'd give it a little time, like two hours max or check the docs.
Confirmed that they get populated automatically after some time (2h sounds about right).
May 06, 2022, 03:51:19 PM #42
Having a similar issue. I've been running crowdsec since yesterday and the crowdsec6_blacklists also remains empty. Adding one manually using cscli decisions add --ip xxxx --duration 1m works, but none are added automatically. No problem with the ipv4 crowdsec_blacklists though.
May 06, 2022, 04:05:46 PM #43
It didn't work for me, for some reason: after 3 days blacklists were still empty so I removed it...
May 06, 2022, 05:43:17 PM #44
Did you install it in the given order? https://github.com/crowdsecurity/opnsense-plugin-crowdsec/

QuoteCopy them to your firewall instance with scp, then install the packages in the following order but do not enable them like the post-install messages say. These instruction are for using them without OPNsense.

# pkg add ./crowdsec-1.3.2.txz
...
# pkg add ./crowdsec-firewall-bouncer-0.0.23.r2.txz
...
# pkg add ./os-crowdsec-0.0.7.txz
...
Print
Go Up Pages 1 2 3 4
User actions