V1.09 & cs-firewall-bouncer issue

Just updated to v1.09 from the Debian respository. Firstly, this looked a bit odd:

apt search crowdsec
Sorting... Done
Full Text Search... Done
crowdsec/unknown,now **1.0.7**-3 amd64 [installed]
Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviours. It also
automatically benefits from our global community-wide IP reputation database
 
root@gppixelworks:/etc/crowdsec/cs-firewall-bouncer# crowdsec -version
2021/03/11 00:07:41 version: **v1.0.9**-18ff3a3a306d1eca786038fb343250e43784a900

The issue I’m experiencing is that cs-firewall-bouncer will not start. Here’s the log when attempting to start the cs-firewall-bouncer service:

time="10-03-2021 23:52:34" level=info msg="backend type : iptables"
time="10-03-2021 23:52:34" level=info msg="iptables for ipv4 initiated"
time="10-03-2021 23:52:34" level=info msg="iptables clean-up : /sbin/iptables -D INPUT -m set --match-set crowdsec-blacklists src -j DROP"
time="10-03-2021 23:52:34" level=info msg="ipset clean-up : /sbin/ipset -exist destroy crowdsec-blacklists"
time="10-03-2021 23:52:34" level=info msg="Checking existing set"
time="10-03-2021 23:52:34" level=info msg="ipset set-up : /sbin/ipset -exist create crowdsec-blacklists nethash timeout 300"
time="10-03-2021 23:52:35" level=info msg="Rule doesn't exist (/sbin/iptables -C INPUT -m set --match-set crowdsec-blacklists src -j DROP)"
time="10-03-2021 23:52:35" level=info msg="iptables set-up : /sbin/iptables -I INPUT -m set --match-set crowdsec-blacklists src -j DROP"
time="10-03-2021 23:52:35" level=info msg="iptables for ipv6 initiated"
time="10-03-2021 23:52:35" level=info msg="iptables clean-up : /sbin/ip6tables -D INPUT -m set --match-set crowdsec6-blacklists src -j DROP"
time="10-03-2021 23:52:35" level=info msg="ipset clean-up : /sbin/ipset -exist destroy crowdsec6-blacklists"
time="10-03-2021 23:52:35" level=info msg="Checking existing set"
time="10-03-2021 23:52:35" level=info msg="ipset set-up : /sbin/ipset -exist create crowdsec6-blacklists nethash timeout 300 family inet6"
time="10-03-2021 23:52:36" level=warning msg="iptables check command (/sbin/ip6tables -C INPUT -m set --match-set crowdsec6-blacklists src -j DROP) failed : exit status 1"
time="10-03-2021 23:52:36" level=info msg="iptables set-up : /sbin/ip6tables -I INPUT -m set --match-set crowdsec6-blacklists src -j DROP"
time="10-03-2021 23:52:36" level=info msg="Processing new and deleted decisions . . ."
time="10-03-2021 23:52:36" level=fatal msg="http code 404, invalid body: invalid character '<' looking for beginning of value"

Not sure how to proceed and am looking for some suggestions.

1 Like

Hello,

Which debian repository are you speaking about ? Ours, or the official debian repository ?

Thanks for the report nonetheless, we’re investigating !

Ooops … Here I thought I’d remembered to provide all relevant information. :grimacing:

Am using yours:

s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/stretch stretch main

I wasn’t aware Crowdsec was in the official Debian repository yet although knew it was in the process of doing so.

FWIW my experience is that Crowdsec is a great package for security. The cooperative aspect is a refreshing change and, I believe, a helpful feture.

Hello @gppixelworks,

We didn’t manage to reproduce your bug :confused:
Can you please share the following files with us:

  • /var/log/crowdsec.log
  • /etc/crowdsec/config.yaml
  • /etc/crowdsec/cs-firewall-bouncer/cs-firewall-bouncer.yaml

I’m available in private message or on gitter if you don’t want to share those files publicly

Will contact you shortly on gitter (via Matrix) and send you those files.