Hi! I use crowdsec with postfix-logs parser and cs-firewall-bouncer.
For blocking I use iptables+ipset.
Default ban duration is 4h.
I set duration: 23h at /etc/crowdsec/profiles.yaml
name: default_ip_remediation #debug: true filters: - Alert.Remediation == true && Alert.GetScope() == "Ip" decisions: - type: ban duration: 23h on_success: break
systemctl reload crowdsec
service cs-firewall-bouncer restart
But it had no effect. For new records at decisions list I see expiration about 3h59m.
How change ban duration?