Using Crowdsec with CSF (configserver & security firewall)

I am happily using CSF and have been for many years. I dont need fail2ban as I just write custom regex to target actions I would like to remove or prevent.

As I really love the idea of Crowdsec and the group nature of suspect IP remediation I would love to use it in conjunction with CSF.

Since CSF is an addition to iptables, I should be able to get them working nicely right?

Has anyone else had any luck? Or is it time for me to move on from CSF?

Cheers for reading,



I can honestly say that I have never heard of CSF (and I’ve been working with Linux for 20+ years). This also means that noone else in the community has mentioned it to me. I can’t rule out that anyone else has tried it but in that case they have not mentioned it to us :slight_smile:

Which Linux distro are you using CSF on? And yes, it ‘should‘ work as an ordinary iptables bouncer. But who knows. Currently I don’t have an overview of exactly what CSF is and why one would want to use it (or for what) so I can’t say anything of other ways to integrate CSF with CrowdSec; if it would make sense to parse any logs somewhere,

Anyway, try it out and please let us know how it goes :slight_smile:

Thanks for your reply Klaus!

I have also used Linux for 20+ years but only discovered CSF about 10 years ago. CSF is an open source stateful packet inspection firewall. Its really an additional kit bag ontop of iptables but offers so much more.

There is quite a bit of overlap between it and Corwdsec it appears to me on the surface, but Crowdsec has some really cool features CSF doesnt.

I am using Ubuntu server 20.04 and I have just created a VPS to test all this out. If anyone is interested I will report back after a week or so and see how things are playing out.



That would be great! Thanks. You should also consider joining our new Discord community and hang out. It’s not just a thing for the kids :slight_smile: