this is incorrect, it does work with the jc21 image, however, since jc21 image does not ship with a remediation component installed there is no way within that image to enforce decisions that crowdsec makes (we can still parse the logs and make decisions just no enforcement on that side hence the paragraph below). Hence lepresidente has a fork of the image to do this, I see alot of people are also turning to NPMPlus maintained by another user.
Now you can use the linux firewall remediation to enforce decisions but this only works if you do not use an upstream proxy like cloudflare as when proxy is enabled at layer 3/4 all the firewall can see is the cloudflare ip address not the proxied IP that is at layer 7.