Crowdsec on Turris Omnia

Software SW tweaks
#1

Hey Community.

Has anyone installed and running Crowdsec on a Turris Omnia?

I am running a Crowdsec multi-server setup, working well. I am wondering if I could filter out the bad IPs on the Router(Turris) level already - and not only opon arrival on the servers behind it.

Thanks for your help and hints.

Magnus

#2

Turris dynamic firewall and new IDS on TurrisOS 6.0 are build in already for this exact purpose

#3

Hi Mike,

certainly.

So can you tell me, how to make Turris’ dynamic firewall reading out all the logs of the machines running behind it?

The clue of Crowdsec is, that a detection agent on every machine reports an incident to my local api. The local api takes care of banning the IP on all machines instantly. This set up is running perfectly on more than a dozen of machines in the local network.

The “bad” IPs are blocked by every single local machine. I’d like them to be blocked upon arrival on the Turris already to reduce traffic on the local network.

For me it seems much easier and more logical to get Crowdsec running and connected to my local api on Turris Omnia rather than changing the set up on all machines (which would incluce to adapt the detection config files onevery single machine).

I would need

  • the crowdsec/crowdsec bouncer .ipk packages fitting Turris’ architecture OR
  • a src/gz feed URL fitting Turris OR
  • native integration of crowdsec/crowdsec bouncer into the Turris Repo OR
  • a way to import the crowdsec decisions into the dynamic firewall of Turris.
#4

What I wanted to say is that Turris has own solution. But it seems Crowdsec should work too - CrowdSec package for OpenWrt - #22 by Gandalf - CrowdSec

#5

I tried that…but it did not work.

Magically after automatic update to TurrisOS 6 the package is finally there in Turris’ official repo :wink:

#6

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.