Hi,
I've been using BanIP with my Flint2 for ages. Everything seems to work OK, but i've been reading with interest about Crowdsec Firewall bouncer and wanted to know if anyone is using it with the Flint2.
What experiences do you have with it? Do you keep the agent and bouncer on the Flint 2 or just the bouncer.
Is it even worth using over BanIP?
Thanks.
I have used it before on normal OpenWrt the crowdsec bouncer.
Though what prevented me to use it where two things.
Alot of lists where behind a enterprise type paywall so I had only a limited amount of lists, though it didn't had false positives.
And on higher OpenWrt version with APK there are issues with compilling two packages sharing the same core package... I have had this reported on the OpenWrt forums since it also happened between ppp and ppp-rp-server but I guess I need to check this again.
with banip you have full control over its lists, but it easily can block wrong ip this happened to me occasionally and the issue is some lists make mistakes and some do it with malicious intend, a error is easily made since if it happens such list contains akamai or cloudflare ip, then it will block all cloudflare especially if it does that with domain blocking, then alot of things can fail even callback sites from payment providers.
I mainly only use banip now for blocking DoH, neither for the fail2ban list because it showed me many false positives.
Thanks xize11
I will give crowdsec a miss then. I've had banip for over a year and not had any issues of note. Appreciate your detailed reply. Hopefully will be of use to other people in the future.