alihan/cs-firewall-bouncer
1
0
Fork 0
mirror of https://github.com/crowdsecurity/cs-firewall-bouncer.git synced 2024-08-19 01:18:49 +03:00
Code Issues Packages Projects Releases Wiki Activity
499 Commits 9 Branches 64 Tags
main
Commit Graph

45 Commits

Author SHA1 Message Date
Laurence Jones
270a495370 Add TLS auth keys to config.yaml (#372) 
* Update crowdsec-firewall-bouncer.yaml

* Update crowdsec-firewall-bouncer.yaml
 2024-06-24 09:01:25 +01:00
Manuel Sabban
80bfc26162 remove the the Before causing some systemd cycling issue. (#340) 
* remove the the Before causing some systemd cycling issue.

* remove suggestion
 2023-11-07 10:07:29 +01:00
mmetc
431ca93abd allow ipset to clean up tables when receiving sigterm (#338) 2023-10-27 10:02:41 +02:00
Laurence Jones
fe77131afd default prom to false (#314) 2023-08-21 10:38:50 +02:00
mmetc
c43e65aefc deprecate "daemonize" and "pid_dir" options (#296) 2023-06-08 15:31:46 +02:00
mmetc
5e2c977e11 Moved install helper to a library, shorter code (#256) 2023-04-11 09:29:40 +02:00
Shivam Sandbhor
7fb16c6d99 Add config to set priority of nftables chain (#213) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-04-06 14:13:37 +02:00
mmetc
b7f197de0b Packaging update (#247) 
* Improved install/uninstall scripts
* Improved rpm/deb builds
* CI: release tarball for linux, binaries for freebsd
* CI/makefile: build and distribute static binaries only
* Moved binary from /usr/sbin to /usr/bin
* CI: explicit workflow permissions
* Fixed configurable hook metrics for nftables
* Update to go 1.20.3
 2023-04-06 11:03:04 +02:00
mmetc
035d909e34 Increase file limit in systemd unit (fix #207) (#244) 2023-03-17 13:05:58 +01:00
Tobias G
9aebcfbf08 Nftables: Add configurable hooks (#231) 2023-02-15 11:38:41 +00:00
mmetc
c5aa648d07 restart service from systemd (#225) 
fix https://github.com/crowdsecurity/cs-firewall-bouncer/issues/216 and https://github.com/crowdsecurity/cs-firewall-bouncer/issues/217
 2023-01-09 15:09:17 +01:00
Jakob Wenzel
0adc780a95 make ipset type configurable (#211) 2022-10-20 16:02:28 +01:00
Shivam Sandbhor
c0a9f1d402 Add prometheus metrics (#199) 2022-09-13 17:52:45 +02:00
alteredCoder
301e9e74cd Start the firewall bouncer before netfilter-persistent service 2022-04-06 12:36:38 +02:00
alteredCoder
2816dbe802 Set api url to 127.0.0.1 instead of localhost 2022-03-14 17:48:40 +01:00
Andreas Kruger
db37b8eac6 Add InsecureSkipVerify 2022-02-17 16:34:11 +01:00
mmetc
b5e02c738e pf: default to no anchor (#142) 2022-02-16 10:53:37 +01:00
mmetc
6d16f9fadd use anchor with pfctl (optional, enabled by default) (#132) 2022-02-10 11:31:22 +01:00
bui
906888606e fix names 2022-02-09 17:04:19 +01:00
bui
3cca91a016 update default config 2022-02-08 18:18:52 +01:00
jarppiko
3b09a52658 nftables.ipv6.enabled: true 2022-01-07 13:12:09 +02:00
jarppiko
ccdbd5bc3b default blacklist names as singular vs plurar 
`crowdsec-blacklists` ==> `crowdsec-blacklist`
`crowdsec-blacklists6` ==> `crowdsec-blacklist6`
 2022-01-07 12:58:44 +02:00
jarppiko
a2be894a1f Support for configurable nftables tables/chains/blacklists (set), support for 'set-only' mode enabling easier integration to more complex nft setups. 2022-01-07 12:32:07 +02:00
alteredCoder
5743fc822f update coms 2021-12-10 10:56:34 +01:00
Yann Oberlé
75cad96c00 Add the blacklists tables in config file 2021-09-27 21:47:22 +00:00
Shivam Sandbhor
8fc2f470ca Validate config in systemd unit 
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
 2021-07-23 14:54:28 +05:30
bui
ce4a6473dd up 2021-06-07 10:32:02 +02:00
bui
9bb843811e rename 2021-06-04 14:46:28 +02:00
AlteredCoder
e464386b06 update piddir to pid_dir in configuration 2021-04-12 17:38:11 +02:00
AlteredCoder
4e43a6b57b Update cs-firewall-bouncer.yaml 2021-04-09 11:31:52 +02:00
Håvard Moen
26e30b10c4 use strings.EqualFold 2021-03-24 09:41:21 +01:00
Håvard Moen
9fd6c259de add support for reject instead of drop and support logging in the firewall 2021-03-24 07:19:13 +01:00
he2ss
3bd600a1f3 remove double slash in systemd config 2021-03-10 12:44:36 +01:00
Thibault bui Koechlin
610651a637 allow user to pick the chains in which chains he wants rules inserted 2021-01-04 14:03:02 +01:00
Thibault bui Koechlin
cee0c9e160 add a dependence on crowdwsec.service 2020-12-07 15:42:06 +01:00
AlteredCoder
d1513218ec improve install script 2020-11-26 18:32:59 +01:00
Ubuntu
7fc33dc4aa add disableIPV6 feature 2020-10-30 15:13:53 +00:00
AlteredCoder
95e39722f6 firewall-bouncer by cs-firewall-bouncer 2020-10-22 17:05:26 +02:00
Thibault bui Koechlin
b1d3a0e513 up 2020-10-20 18:25:50 +02:00
AlteredCoder
b6e8358a53 support nftables 2020-10-18 15:40:13 +02:00
AlteredCoder
46995fe27f fix 2020-10-06 13:57:04 +02:00
AlteredCoder
1e19077e79 fix systemd service file 2020-10-06 13:43:29 +02:00
AlteredCoder
e3f514fdb6 improve logging 2020-10-06 13:33:29 +02:00
AlteredCoder
10c22165e9 make it work 2020-10-06 13:27:31 +02:00
AlteredCoder
f080b8c7f1 first commit 2020-10-06 11:58:58 +02:00