how to choose to block all public ip as 0.0.0.0 and any mask, in order to ban any public ip that com
hello , could you help me ? to block public ip that commit an attack ?
13 Replies
Important Information
Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command
/resolve or press the green resolve button below.Log Files
If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.
Guide Followed (CrowdSec Official)
If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.
Screenshots
Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.
© Created By WhyAydan for CrowdSec ❤️
not resolved
I'm not following the question, CrowdSec detects an attack and block that individual IP address, you want to instead block everyone?
The decision tab, i can't upload screenshot.
and i cannot delete decision
how can i unlock public ip adress , so reverse ip blocking list
when I try to delete an ip , the logo goes around in circles
You should be able to upload a screenshot now to give us some direction of where you are talking about
i cannot remove french ip
it doesn't
i restarted my router before for more security
Can you provide the
crowdsec version?
and can you DM me the email used for the crowdsec account? so we can look into it on our sideHello @Sir Valen le Juste ,
Tu peux switch en francais, je pense que ce sera plus simple 🙂
J'ai du mal a comprendre le soucis:
- Tu veux bannir 0.0.0.0/0 ? Si tu fais ca, tout le traffic sera drop (y compris les IPs privees) et ca risque de casser egalement ton crowdsec (si tu utilises le bouncer firewall)
- Pour la gestion des decisions depuis la console, il y a plusieurs choses: la feature est disponible uniquement sur les plans payants de la console et il faut activer le suport dans crowdsec (en lancant la commande
sudo cscli console enable console_management puis redemarrer le process crowdsec)
Pour supprimer une decision, tu peux également le faire avec cscli: cscli decisions delete -i X.X.X.Xah merci
on ne peut pas le faire depuis l'interface graphique en tout cas , ça beug
par ce que pour moi je ne pense pas que les ip sont bloquées à la base dès qu 'il y a un incident
tu as bien installé un bouncer ? Si oui, lequel ?
hmmm, effectivement, il y a l'air d'avoir un soucis avec l'ajout de decisions depuis la console
On regarde plus en détail, et on aura probablement plus d'infos d'ici demain
ah non je me suis planté dans mon test, tout semble fonctionner de mon cote
et est-ce que tu pourrais également me donner l'email de ton compte console en message privé que je regarde si il n'y a pas un soucis spécifique à ton compte ?
tu es de l'entreprise crowdsec ?
ok ej viens de voir que tu l'étais