pfctl -sa
[status]command:/usr/local/etc/rc.d/oscrowdsec status; exit 0type: script_outputmessage: oscrowdsec status[...]
[update]command:sh -c 'curl ifconfig.me > /tmp/updated_address'parameters:type:script_outputmessage:Atualiza o ip externo do firewall no ddnsdescription:Realiza um teste de IP externo do firewall
pkg install -y os-crowdsec
cscli decisions add --type ban --ip $REMOTEHOST --reason teste-luciano --duration 1m
2024-11-08 23:22T0300 pf[101]: user="ludarkstar99" action="reject-auth" message="user ludarkstar99 has denied access to this terminal. session expired"
cscli collections install crowdsecurity/naxsicscli collections install crowdsecurity/base-http-scenarios
name: darkstar/lucianodescription: "nao bloqueia poh"whitelist: reason: "home office tiolulu" cidr: - "200.200.200.0/24" - "189.89.21.0/21" - "10.0.10.0/24"
echo '10.0.10.65 - - [09/Nov/2024:02:17:32 -0300] "GET /test/luciano HTTP/2.0" 404 92 "-" "Go-http-client/1.1" "177.70.23.45"' | cscli explain --type nginx -f-
$ cat /etc/passwd[...]root:*:0:0:System Administrator:/root:/usr/local/sbin/opnsense-shell[...]
less /usr/local/sbin/opnsense-shell[...]#!/bin/sh# Copyright (c) 2014-2018 Franco Fichtner <franco@opnsense.org># Copyright (c) 2004-2011 Scott Ullrich <sullrich@gmail.com># Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net># All rights reserved.# make sure the user can't kill ustrap : 2trap : 3[...]