PostOverflow whitelist using forward DNS

smu44 · December 3, 2022, 12:27pm

Hi there!

Some time ago, I successfully whitelisted my ISP, see this thread for reference: Can't make postoverflow whitelist to work.

Now, I’d like to whitelist only my residential IP address, as all Orange/Wanadoo addresses is way too much for a whitelist

Problem: my home IP address may vary in time.
In my ISP router (LiveBox), I successfully setup a dynamic DNS (freeddns.org) for A record.
But I can’t change the reverse (PTR), Orange won’t allow.

So, question is: how to write a PostOverflow whitelist, using my dynamic A DNS record (myhome.freeddns.org)?
Or: can we compare the IP address with a forward DNS (A) request result, in expression ?

Any idea welcome, thanks in advance!

iiAmLoz · December 6, 2022, 2:43pm

In the recent 1.4.2 release you can use this helper IP helpers | CrowdSec there is an example attached. This will go in postoverflow folder /etc/crowdsec/postoverflows/s01-whitelist/ if the folder doesnt exist

Edit 23/11/23: fix link to new documentation

smu44 · December 7, 2022, 6:16am

This is a very nice enhancement, thank you very much!

Topic		Replies	Views
Can't make postoverflow whitelist to work crowdsec	7	2012	June 22, 2022
File() helper not working crowdsec	7	861	October 28, 2021
Crowdsecurity/rdns not adding reverse_dns to alerts crowdsec	1	12	October 22, 2024
Whitelisting one or more countries crowdsec	5	1668	February 5, 2024
Whitelisting Crowdsec Servers IP Addresses for Console Access and Blocklist Download crowdsec	2	231	June 6, 2024

PostOverflow whitelist using forward DNS

Related Topics