On a Windows server with installed crowdsec, an ip got into the ban list, this can be seen in decisions. This ip was removed from the firewall rules, not by the decisions team. delete. After that, the ip was deleted by the decisions command. delete. Now when attacking from this ip, the attacker’s ip is visible through the decisions list command, but the ip does not fall into the firewall rules… Why? How to fix?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Ban again unbanned ip-addresses | 2 | 853 | June 2, 2022 | |
| IPs not being banned after decision | 2 | 771 | September 16, 2021 | |
| Block ip packages.sury.org | 7 | 1174 | May 29, 2023 | |
|
Decisions list not updated
|
8 | 1850 | April 28, 2022 | |
|
Alerts interpretation - Black list hit vs update vs attack
|
0 | 574 | March 18, 2022 |