klausagnoletti Posted September 19, 2022 Share Posted September 19, 2022 I am head of community at CrowdSec (https://crowdsec.net) and although a bit biased (but also based on users requesting this on our Discord) I'll suggest support for CrowdSec on Unraid. In practice it would mean making Unraid-containers out of the existing ones. For those unfamilar to CrowdSec it consists of two parts: an agent who does log parsing and attack detection and manages the local stack and the bouncer which is the IPS part that does the actual threat mitigation. The simplest bouncer to use is the iptables/nftables bouncer (we have both) but there's no Docker container of that (not entirely true, we have a home assistant add-on (which is also Docker) but I don't know how much can be reused. Here's the link to our Docker repo. As you can see there's also a bunch of other bouncers available as docker containers that could probably be converted easy is my guess. Regarding the firewall bouncer it obviously needs to be running as root on the Unraid host which is in itself not a big deal and pretty easy to do so I don't think there's too much work in this. We'll be happy to collaborate and do what we can to help out. Please join our Discord at https://discord.gg/crowdsec and ping me there if you're interested. I'll be happy to convey contact with our dev team. Let me know what you think 5 Quote Link to comment
ich777 Posted September 19, 2022 Share Posted September 19, 2022 4 hours ago, klausagnoletti said: Here's the link to our Docker repo. As you can see there's also a bunch of other bouncers available as docker containers that could probably be converted easy is my guess. IBRACORP already made a template for Unraid, see here: https://docs.ibracorp.io/crowdsec/crowdsec/unraid @Sycotix I mark you here too. I would also recommend that you reach out to the developers via the contact form over here: Click 1 Quote Link to comment
slimshizn Posted September 19, 2022 Share Posted September 19, 2022 I've been using CrowdSec as a docker container and can see this only being a plus. While large companies around the world are being owned left and right, I have been on the lookout hard for ways to make sure that anything that has availability to the internet is protected. IBRACORP security repository implemented docker containers for CrowdSec and the traefik bouncer. I've been running CrowdSec, and the Cloudflare bouncer for a few weeks now, and have noticed a lot of activity. I would definitely love to see native support for this built into Unraid. +1 here Quote Link to comment
TheLaughingMan Posted September 19, 2022 Share Posted September 19, 2022 What we really need integrated is just the firewall bouncer, the rest can be done via docker containers. So either we need native support within unRAID or Crowdsec needs to release a docker container with their firewall bouncer so that it can update iptables. This software has blocked way more than anything else I have implemented so it would be great to ban at the iptable level instead of ngnix level 1 1 Quote Link to comment
ds9 Posted September 22, 2022 Share Posted September 22, 2022 (edited) I didn't find a Docker for cs-firewall-bouncer but there are some intructions on building one https://github.com/crowdsecurity/cs-firewall-bouncer/issues/32 Edited September 22, 2022 by ds9 Quote Link to comment
Serverless Posted October 7, 2022 Share Posted October 7, 2022 On 9/19/2022 at 2:28 PM, slimshizn said: I've been using CrowdSec as a docker container and can see this only being a plus. While large companies around the world are being owned left and right, I have been on the lookout hard for ways to make sure that anything that has availability to the internet is protected. IBRACORP security repository implemented docker containers for CrowdSec and the traefik bouncer. I've been running CrowdSec, and the Cloudflare bouncer for a few weeks now, and have noticed a lot of activity. I would definitely love to see native support for this built into Unraid. +1 here Hi, can you provide a link to a guide to follow? Thank you! Quote Link to comment
slimshizn Posted October 7, 2022 Share Posted October 7, 2022 (edited) 1 hour ago, Serverless said: Hi, can you provide a link to a guide to follow? Thank you! https://docs.ibracorp.io/ibracorp/all-guides-in-order/documentation/security Also the 2nd comment in here had a link............. Edited October 7, 2022 by slimshizn People who don't read. Quote Link to comment
Serverless Posted October 9, 2022 Share Posted October 9, 2022 On 10/7/2022 at 3:52 PM, slimshizn said: https://docs.ibracorp.io/ibracorp/all-guides-in-order/documentation/security Also the 2nd comment in here had a link............. Sorry, I misread you were using NPM instead of traefik, I did see the link in second post. Thanks! Quote Link to comment
tombstone Posted November 5, 2022 Share Posted November 5, 2022 (edited) I my looking for a video guide also for NPM if anyone interested of making one. Edited November 5, 2022 by tombstone Missed so E words 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.