crowdsec
Added enable/disable the 'auto rule creation' for the CrowdSec bouncer for OPNSense
What would you like to be added?
/kind feature
Kind: Completely new feature not currently available
Description: Wanted to make a request to allow us to have one more option added to this feature: the ability to toggle or enable/disable the 'auto rule creation' for the CrowdSec blocker plugin. That said, I do want it filling the block list/alias, but I do not want it to make the auto rule.
Reason: I would like to make my own rule to use the CrowdSec block lists in manual rules how and where I want to put it instead of the OPNSense created default/auto rule.
The default rule only blocks in as a source, and does not block as a destination. Might be paranoid, but I prefer to not even reach out to the badness as well. Further, I have a few hosts that I do not want to filter the traffic this way for, and want to let them interact with the IPs whether they are on the CrowdSec blocklist or not.
Extra: Thank you for adding this feature again, just a (hopefully) minor adjustment request - and I would help make this modification but I've never done something quite like this and am not sure how/where to make changes.
References: https://github.com/opnsense/plugins/pull/2945 https://forum.opnsense.org/index.php?topic=46767.msg234557#msg234557
Why is this needed?
To allow OPNSense and CrowdSec users to enable more useful blocking on their routers, and to increase adoption. Further, with how OPNSense is set up, you cannot enable/disable rule creation from the Plugin; more or less, that option is set on the enable/disable of the whole blocker.
It is my hope to have the blocker enabled but not building a rule (and OPNSense not building its auto rule) so that I can build my own rules and use the two aliases/tables that are created and maintained with CrowdSec blocklist IPs from decisions/alerts.
@j0nny55555: Thanks for opening an issue, it is currently awaiting triage.
In the meantime, you can:
- Check Crowdsec Documentation to see if your issue can be self resolved.
- You can also join our Discord.
- Check Releases to make sure your agent is on the latest version.
I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.
@j0nny55555: There is no 'kind' label on this issue. You need a 'kind' label to start the triage process.
- /kind feature
- /kind enhancement
- /kind refactoring
- /kind bug
- /kind packaging
Hi, thanks for opening the issue.
I plan to change the plugin to behave like the pfsense version: rules are bi-directional by default and can be disabled. By the way, you can already bypass IPs and ranges with whitelists or (from 1.6.9) allowlists.
I'll let you know when I have a version that can be tested.
https://github.com/opnsense/plugins/pull/4706