So can you tell me, how to make Turris’ dynamic firewall reading out all the logs of the machines running behind it?
The clue of Crowdsec is, that a detection agent on every machine reports an incident to my local api. The local api takes care of banning the IP on all machines instantly. This set up is running perfectly on more than a dozen of machines in the local network.
The “bad” IPs are blocked by every single local machine. I’d like them to be blocked upon arrival on the Turris already to reduce traffic on the local network.
For me it seems much easier and more logical to get Crowdsec running and connected to my local api on Turris Omnia rather than changing the set up on all machines (which would incluce to adapt the detection config files onevery single machine).
I would need
- the crowdsec/crowdsec bouncer .ipk packages fitting Turris’ architecture OR
- a src/gz feed URL fitting Turris OR
- native integration of crowdsec/crowdsec bouncer into the Turris Repo OR
- a way to import the crowdsec decisions into the dynamic firewall of Turris.