So I know that my crowdsec-firewall-bouncer can connect to the instance (which is in a docker container on a different machine). But when I login to app.crowdsec.net my instance shows no bouncers installed?
Shouldn’t I see that my bouncer is installed?
Also: do I need to mirror my traffic to the crowdsec docker container to get full functionality?
I will check this with my instance. What’s your OpenWrt and bouncer package version?
What’s in /var/log/crowdsec-firewall-bouncer.log?
OpenWrt 21.02-SNAPSHOT, r16399+157-c67509efd7
crowdsec-firewall-bouncer 0.0.21-3
Logfile:
Both are outdated. Have you thought about upgrading?
I’m not sure if the 0.21 bouncer is still compatible with your Crowdsec local API and central API. What’s your local API’s version?
I’ll have a look on your log tomorrow.
Upgraded my router firmware to latest but OpenWRT is the same version.
My crowdsec version:
2023/06/13 21:22:42 version: v1.5.2-4fbc3402fba932c8bd34b671527dcf7909d264c0
2023/06/13 21:22:42 Codename: alphaga
2023/06/13 21:22:42 BuildDate: 2023-05-26_16:18:45
2023/06/13 21:22:42 GoVersion: 1.20.4
2023/06/13 21:22:42 Platform: docker
2023/06/13 21:22:42 Constraint_parser: >= 1.0, <= 2.0
2023/06/13 21:22:42 Constraint_scenario: >= 1.0, < 3.0
2023/06/13 21:22:42 Constraint_api: v1
2023/06/13 21:22:42 Constraint_acquis: >= 1.0, < 2.0
Hmmm. Not sure what the problem is. The crowdsec bouncer for OpenWrt got updated packages for OpenWrt 22.03 and 23.05 and is now based on fw4 and nftables.
Based on the log file it seems like there is some problems with iptables. So I suggest to upgrade. What router is it? Does it have enough space for handling the ip sets?
Gl.iNet AX1800 Flint
I wonder if someone has upgraded the OpenWRT version for this router. I’ll have to check the Gl.iNet forums