History

CyberMind-FR 62f2f6a7a8 docs(secubox): Add KISS README for all 46 remaining packages Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2026-02-03 07:34:06 +01:00
..
files	feat(multi): CrowdSec LAPI port fix, Streamlit/HexoJS multi-instance	2026-01-27 06:37:19 +01:00
Makefile	feat(multi): CrowdSec LAPI port fix, Streamlit/HexoJS multi-instance	2026-01-27 06:37:19 +01:00
README.md	docs(secubox): Add KISS README for all 46 remaining packages	2026-02-03 07:34:06 +01:00

README.md

SecuBox CrowdSec Firewall Bouncer

CrowdSec firewall bouncer with native nftables integration for IPv4 and IPv6 on OpenWrt. Go binary, version 0.0.31.

Installation

opkg install secubox-app-cs-firewall-bouncer

Configuration

UCI config file: /etc/config/crowdsec

The bouncer registers with the local CrowdSec LAPI and manages nftables sets to block malicious IPs.

Usage

# Start / stop the service
/etc/init.d/crowdsec-firewall-bouncer start
/etc/init.d/crowdsec-firewall-bouncer stop

# Check bouncer status
cs-firewall-bouncer -version

Files

/etc/config/crowdsec -- UCI configuration
/etc/init.d/crowdsec-firewall-bouncer -- init script
/usr/sbin/cs-firewall-bouncer -- Go binary

Build Notes

This is a Go package with CGO. It must be built with the full OpenWrt toolchain, not the SDK:

cd secubox-tools/openwrt
make package/secubox-app-cs-firewall-bouncer/compile V=s

Dependencies

nftables

License

MIT