Crowdsec-firewall-bouncer continues to terminate

bjoernwuest · November 17, 2024, 2:33pm

Hi, my crowdsec-firewall-bouncer continues to terminate.

My setup - cscli version:

version: v1.6.3-debian-pragmatic-amd64-4851945a
Codename: alphaga
BuildDate: 2024-09-10_13:00:58
GoVersion: 1.22.2
Platform: linux
libre2: C++
User-Agent: crowdsec/v1.6.3-debian-pragmatic-amd64-4851945a-linux
Constraint_parser: >= 1.0, <= 3.0
Constraint_scenario: >= 1.0, <= 3.0
Constraint_api: v1
Constraint_acquis: >= 1.0, < 2.0

/etc/crowdsec/config.yaml.local (had to change port to 8081 since I am running the Unifi controller on this machine)

api:
server:
enable: yes
listen_uri: 127.0.0.1:8081
prometheus:
enabled: false

/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml

api_url: http://127.0.0.1:8081/

Output from crowdsec-firewall-bouncer.log:

time=“2024-11-17T15:26:32+01:00” level=info msg=“Starting crowdsec-firewall-bouncer v0.0.31-debian-pragmatic-amd64-4b99c161b2c1837d76c5fa89e1df83803dfbcc87”
time=“2024-11-17T15:26:32+01:00” level=info msg=“backend type: iptables”
time=“2024-11-17T15:26:32+01:00” level=info msg=“using ‘DROP’ as deny_action”
time=“2024-11-17T15:26:32+01:00” level=info msg=“iptables for ipv4 initiated”
time=“2024-11-17T15:26:32+01:00” level=info msg=“Deleting rule : /usr/sbin/iptables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:32+01:00” level=error msg=“error while removing rule : exit status 2 → iptables v1.8.10 (nf_tables): Chain ‘CROWDSEC_CHAIN’ does not exist\nTry iptables -h' or 'iptables --help' for more information.\n" time="2024-11-17T15:26:32+01:00" level=info msg="Flushing chain : /usr/sbin/iptables -F CROWDSEC_CHAIN" time="2024-11-17T15:26:32+01:00" level=error msg="error while flushing chain : exit status 1 --> iptables: No chain/target/match by that name.\n" time="2024-11-17T15:26:32+01:00" level=info msg="Deleting chain : /usr/sbin/iptables -X CROWDSEC_CHAIN" time="2024-11-17T15:26:32+01:00" level=error msg="error while deleting chain : exit status 1 --> iptables: No chain/target/match by that name.\n" time="2024-11-17T15:26:33+01:00" level=info msg="Creating chain : /usr/sbin/iptables -N CROWDSEC_CHAIN -t filter" time="2024-11-17T15:26:33+01:00" level=info msg="Adding rule : /usr/sbin/iptables -I INPUT -j CROWDSEC_CHAIN" time="2024-11-17T15:26:33+01:00" level=info msg="iptables for ipv6 initiated" time="2024-11-17T15:26:33+01:00" level=info msg="Deleting rule : /usr/sbin/ip6tables -D INPUT -j CROWDSEC_CHAIN" time="2024-11-17T15:26:33+01:00" level=error msg="error while removing rule : exit status 2 --> ip6tables v1.8.10 (nf_tables): Chain 'CROWDSEC_CHAIN' does not exist\nTry ip6tables -h’ or ‘ip6tables --help’ for more information.\n”
time=“2024-11-17T15:26:33+01:00” level=info msg=“Flushing chain : /usr/sbin/ip6tables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:33+01:00” level=error msg=“error while flushing chain : exit status 1 → ip6tables: No chain/target/match by that name.\n”
time=“2024-11-17T15:26:33+01:00” level=info msg=“Deleting chain : /usr/sbin/ip6tables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:33+01:00” level=error msg=“error while deleting chain : exit status 1 → ip6tables: No chain/target/match by that name.\n”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Creating chain : /usr/sbin/ip6tables -N CROWDSEC_CHAIN -t filter”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Adding rule : /usr/sbin/ip6tables -I INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Using API key auth”
time=“2024-11-17T15:26:34+01:00” level=info msg=“config is valid”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Shutting down backend”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Deleting rule : /usr/sbin/iptables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Flushing chain : /usr/sbin/iptables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:34+01:00” level=info msg=“Deleting chain : /usr/sbin/iptables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:35+01:00” level=info msg=“Deleting rule : /usr/sbin/ip6tables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:35+01:00” level=info msg=“Flushing chain : /usr/sbin/ip6tables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:35+01:00” level=info msg=“Deleting chain : /usr/sbin/ip6tables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:36+01:00” level=info msg=“Starting crowdsec-firewall-bouncer v0.0.31-debian-pragmatic-amd64-4b99c161b2c1837d76c5fa89e1df83803dfbcc87”
time=“2024-11-17T15:26:36+01:00” level=info msg=“backend type: iptables”
time=“2024-11-17T15:26:36+01:00” level=info msg=“using ‘DROP’ as deny_action”
time=“2024-11-17T15:26:36+01:00” level=info msg=“iptables for ipv4 initiated”
time=“2024-11-17T15:26:36+01:00” level=info msg=“Deleting rule : /usr/sbin/iptables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:36+01:00” level=error msg=“error while removing rule : exit status 2 → iptables v1.8.10 (nf_tables): Chain ‘CROWDSEC_CHAIN’ does not exist\nTry iptables -h' or 'iptables --help' for more information.\n" time="2024-11-17T15:26:36+01:00" level=info msg="Flushing chain : /usr/sbin/iptables -F CROWDSEC_CHAIN" time="2024-11-17T15:26:36+01:00" level=error msg="error while flushing chain : exit status 1 --> iptables: No chain/target/match by that name.\n" time="2024-11-17T15:26:36+01:00" level=info msg="Deleting chain : /usr/sbin/iptables -X CROWDSEC_CHAIN" time="2024-11-17T15:26:36+01:00" level=error msg="error while deleting chain : exit status 1 --> iptables: No chain/target/match by that name.\n" time="2024-11-17T15:26:37+01:00" level=info msg="Creating chain : /usr/sbin/iptables -N CROWDSEC_CHAIN -t filter" time="2024-11-17T15:26:37+01:00" level=info msg="Adding rule : /usr/sbin/iptables -I INPUT -j CROWDSEC_CHAIN" time="2024-11-17T15:26:37+01:00" level=info msg="iptables for ipv6 initiated" time="2024-11-17T15:26:37+01:00" level=info msg="Deleting rule : /usr/sbin/ip6tables -D INPUT -j CROWDSEC_CHAIN" time="2024-11-17T15:26:37+01:00" level=error msg="error while removing rule : exit status 2 --> ip6tables v1.8.10 (nf_tables): Chain 'CROWDSEC_CHAIN' does not exist\nTry ip6tables -h’ or ‘ip6tables --help’ for more information.\n”
time=“2024-11-17T15:26:37+01:00” level=info msg=“Flushing chain : /usr/sbin/ip6tables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:37+01:00” level=error msg=“error while flushing chain : exit status 1 → ip6tables: No chain/target/match by that name.\n”
time=“2024-11-17T15:26:37+01:00” level=info msg=“Deleting chain : /usr/sbin/ip6tables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:37+01:00” level=error msg=“error while deleting chain : exit status 1 → ip6tables: No chain/target/match by that name.\n”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Creating chain : /usr/sbin/ip6tables -N CROWDSEC_CHAIN -t filter”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Adding rule : /usr/sbin/ip6tables -I INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Using API key auth”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Processing new and deleted decisions . . .”
time=“2024-11-17T15:26:38+01:00” level=error msg=“API error: http code 404, response: <html lang="en">HTTP Status 404 – Not Found<style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}
HTTP Status 404 – Not Found
”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Shutting down backend”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Deleting rule : /usr/sbin/iptables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Flushing chain : /usr/sbin/iptables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:38+01:00” level=info msg=“Deleting chain : /usr/sbin/iptables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:39+01:00” level=info msg=“Deleting rule : /usr/sbin/ip6tables -D INPUT -j CROWDSEC_CHAIN”
time=“2024-11-17T15:26:39+01:00” level=info msg=“Flushing chain : /usr/sbin/ip6tables -F CROWDSEC_CHAIN”
time=“2024-11-17T15:26:39+01:00” level=info msg=“Deleting chain : /usr/sbin/ip6tables -X CROWDSEC_CHAIN”
time=“2024-11-17T15:26:40+01:00” level=fatal msg=“process terminated with error: bouncer stream halted”

Nothing shows up in /var/log/crowdsec_api.log when the bouncer runs.

bjoernwuest · November 17, 2024, 2:35pm

One more addition: ss -tulpn:

tcp LISTEN 0 4096 127.0.0.1:8081 0.0.0.0:* users:((“crowdsec”,pid=603125,fd=19))

iiAmLoz · November 18, 2024, 8:21am

And it seems to be fine within /var/log/crowdsec.log?

bjoernwuest · November 18, 2024, 10:47am

Changed all settings to use 8082 and now it works. Not sure why it doesn’t like 8081, maybe by accident I set any FW rule that I cannot remember - even it is a freshly installed machine…

Topic		Replies	Views
Crowdsec-firewall-bouncer does't start -> BACKEND is not supported	1	1726	April 25, 2023
Did I have the rigth setup crowdsec	3	1035	August 17, 2022
[docker setup] local bouncer on host doesn't ban IPs	3	1111	September 30, 2023
New setup - right setup? crowdsec	4	946	November 8, 2023
Failed to start The firewall bouncer crowdsec	10	4908	January 2, 2024

Crowdsec-firewall-bouncer continues to terminate

HTTP Status 404 – Not Found

Related topics