Did I have the rigth setup

Good day,

I found you by chance today.
What I have done so far, I have installed crowdsec on a Debian Bullseye where currently runs UFW with Fail2Ban.
Then I installed crowdsec-firewall-bouncer-iptables on top of that.

I have mysql, apache, pgsql and linux active as rules.

But how can I see now that the system really works? Or does it not work together with UFW?

Hey and thanks for posting!

You can check the /var/log/crowdsec.log file to check what’s going on in terms of errors. Or use the cscli:
cscli decisions list (which decisions has been made in terms of attacks?)
cscli bouncers list (which bouncers are registered and active?)
cscli metrics list (metrics in general)
All commands should be run with sudo.

Try it out and see how it looks. I have no idea if fail2ban and the crowdsec bouncer conflicts. If so, try and uninstall the bouncer and watch the agent’s log file to see what it would have done if a bouncer had been installed.