Setup on OpenWRT

DiscourseNotDat · January 2, 2025, 2:53am

First, I am a complete novice with this stuff so please bear that in mind when responding.

I have OpenWRT x86 installed on a mini pc and am curious to check out Crowdsec but have not found any sort of guide for setting things up on OpenWRT.

Ive installed the crowdsec, crowdsec-firewall-bouncer,and luci-app-crowdsec-firewall-bouncer packages via the Luci interface.

Anything else I need to do to get things up and running?

Thanks in advance

iiAmLoz · January 2, 2025, 10:00am

Have you ran through the post installation guide? Post Installation Steps | CrowdSec

DiscourseNotDat · January 18, 2025, 1:51am

I have run through the Post Installation and seem to be stuck.
I have completed the following;

Installed crowdsec, crowdsec-firewall-bouncer and luci-app-crowdsec-firewall-bouncer packages in OpenWRT
Created a Crowdsec account

I think the next step is to enroll an engine.
If I ssh into my Openwrt and run the sudo cscli console enroll $ENROLLMENT_KEY
I get the following

-ash: sudo: not found

Did I miss any steps?

mrinmaydhar · January 18, 2025, 1:09pm

There is no need to sudo in openwrt. You land in the sh shell when you login via root.

DiscourseNotDat · January 18, 2025, 2:31pm

That was the issue. Thanks!!

DiscourseNotDat · January 18, 2025, 3:31pm

Edit: I instaleled the Firewall bouncer in OpenWRT but do not know how to configure it. My Crowdsec console says no remediation components installed.

I know the next step is to install a bouncer.
I believe this is the page I need to follow

Im not sure if I am supposed to install the IPTables, NFTables or pf?

DiscourseNotDat · January 19, 2025, 3:41am

OK, I have the engine and bouncer up and running.
According to the Post Installation guide, the following command should tell me what log sources are already detected,

cscli metrics show acquisition

The only output I get is
ATA[2025-01-19T03:39:27Z] accepts 0 arg(s), received 2

Thanks for any tips

iiAmLoz · January 19, 2025, 10:35am

This indicates the engine version is old, can you run cscli version

DiscourseNotDat · January 19, 2025, 3:18pm

Here you go:

2025/01/19 15:16:22 version: v1.6.0-openwrt-1.6.0-1
2025/01/19 15:16:22 Codename:
2025/01/19 15:16:22 BuildDate: 2024-12-28_16:14:29
2025/01/19 15:16:22 GoVersion: 1.21.13
2025/01/19 15:16:22 Platform: linux
2025/01/19 15:16:22 libre2: WebAssembly
2025/01/19 15:16:22 Constraint_parser: >= 1.0, <= 3.0
2025/01/19 15:16:22 Constraint_scenario: >= 1.0, <= 3.0
2025/01/19 15:16:22 Constraint_api: v1
2025/01/19 15:16:22 Constraint_acquis: >= 1.0, < 2.0

Also,

When I run, opkg install crowdsec, I get
Package crowdsec (1.6.0-1) installed in root is up to date.
But I get a message in the Console saying v1.6.4 available with a link !

Topic		Replies	Views
[Finished] OpenWrt: updating crowdsec-firewall-bouncer package crowdsec	4	1472	February 6, 2023
Need help in installing cs-nginx-bouncer crowdsec	7	592	January 21, 2022
Install bouncer on OpenWrt 21.02.2 crowdsec	3	2715	April 1, 2022
Crowdsec-firewall-bouncer on openwrt not showing as connected to my instance on app.crowdsec.net crowdsec	6	1156	June 14, 2023
OpenWRT + SWAG + CrowdSec	2	91	December 20, 2024

Setup on OpenWRT

Edit: I instaleled the Firewall bouncer in OpenWRT but do not know how to configure it. My Crowdsec console says no remediation components installed.

Related topics