CrowdSec Manager for Pangolin: User Guide

./setup_crowdsec_manager.sh retry once more and let me know
I tried on Debian 12. AWS

image1214×954 24.1 KB

NOW it worked! Whatever you’ve done

don’t know why, every Debian has a different result. i tested till 11 never went to 12

when I whitelist an IP I get this on each IP:

[*] Existing whitelist found, checking if IP is already whitelisted...
[*] Could not copy existing whitelist, creating new one...
Successfully copied 2.05kB to crowdsec:/etc/crowdsec/hub/parsers/s02-enrich/crowdsecurity/whitelists.yaml
[*] Restarting CrowdSec to apply changes...

** Could not copy existing whitelist, creating new one.** expected??

trying to list whitelisted IP’S:

======================================================================
   CURRENTLY WHITELISTED IPs
======================================================================

[*] CrowdSec Whitelist (includes IP ranges/subnets):
5a06ba1d80c2   crowdsecurity/crowdsec:latest     "/bin/bash /docker_s…"   25 minutes ago   Up 2 minutes (healthy)    0.0.0.0:6060->6060/tcp, [::]:6060->6060/tcp                                                                                     crowdsec
[+] crowdsec container is running
[-] Failed to copy whitelist from CrowdSec container.

[*] Traefik Whitelist (includes IP ranges/subnets):
[*] Client Trusted IPs:
  - 10.0.0.0/8
  - 172.16.0.0/12
  - 192.168.0.0/16
  - 100.89.137.0/20
  - 0.0.0.0/0

[-] Failed to copy whitelist from CrowdSec container.

that’s an old function. i haven’t updated the command for whitelist. recently they have changed to cscli allowlist.

you won’t be able to. as i said they have change this feature its depreciated.

How can I whitelist now?
You’ve made a port in pangolin forum but that didn’t work.

Crowdsec latest is:

cscli version
version: v1.6.5-72b4354b
Codename: alphaga
BuildDate: 2025-02-10_14:57:34
GoVersion: 1.23.6
Platform: docker
libre2: C++
User-Agent: crowdsec/v1.6.5-72b4354b-docker
Constraint_parser: >= 1.0, <= 3.0
Constraint_scenario: >= 1.0, <= 3.0
Constraint_api: v1
Constraint_acquis: >= 1.0, < 2.0
Built-in optional components: cscli_setup, datasource_appsec, datasource_cloudwatch, datasource_docker, datasource_file, datasource_http, datasource_journalctl, datasource_k8s-audit, datasource_kafka, datasource_kinesis, datasource_loki, datasource_s3, datasource_syslog, datasource_victorialogs, datasource_wineventlog

image881×594 10.3 KB

(Allowlists | CrowdSec)

Now we’re talking

please close the github issues marking it solved. @manilx

All set up. Thank you a lot! You mean github @ pangolin?

yes please. developers will have less to worry. that much we can help

For those of us who are new to this and are just starting out, a Geoblock integration would be great in the menu.

Thanks for all the information you’ve posted.

very well, you will get it in the upcoming releases. thanks for the recommendation.

Health checks etc for Middleware-Manager & dynamic_config.yml being in rules would also be handy. Just looking at the whitelist issue above and even with docker-compose.yml being as per your March 21 post, it still fails to copy the whitelist and update.

Thanks

i am moving this to a go application soon. so stay in touch. All scripts will move to a go application for easy usage. 70% work is done. hope that will make usage easier.