CrowdSec is trying to block the watchdog IP of a service on 172.22.1.12, even though that is listed as private IP in whitelists.yaml. cscli explain shows:
s02-enrich
| ├ 🔴 crowdsecurity/dateparse-enrich
| ├ 🔴 crowdsecurity/geoip-enrich
| ├ 🔴 crowdsecurity/http-logs
| ├ 🟢 crowdsecurity/whitelists (unchanged)
| └ 🔴 crowdsecurity/nextcloud-whitelist
├-------- parser success 🟢
That is not supposed to happen, right? What can I do about it?
#Whitelists not appreciated by parser
split lodge
quaint mortarBOT
© Created By WhyAydan for CrowdSec ❤️
midnight wharf
CrowdSec is trying to block the watchdog IP of a service on 172.22.1.12, even th...
If you grep -R "crowdsecurity/whitelists" /etc/crowdsec/parsers/s02-enrich most likely you have 2 parser with the same name?
split lodge
yes, the private whitelist file and my own
midnight wharf
yes, the private whitelist file and my own
You cant use the same name twice, edit your own to be another name like my/whitelist or something other than crowdsecurity/whitelists
split lodge
alright, thanks
do i remember correctly that the tutorial https://docs.crowdsec.net/docs/v1.4.0/whitelist/create/ used to have the name crowdsecurity/whitelists?
midnight wharf
do i remember correctly that the tutorial https://docs.crowdsec.net/docs/v1.4.0/...
Yes but I changed it because people were copying and pasting without changing it
split lodge
yeah, probably better this way lol
thanks for your quick help!
quaint mortarBOT
Resolving Whitelists not appreciated by parser