CyberMind-FR
cec4893db9
Evolution #1 - IP Blocklist (secubox-app-ipblocklist, luci-app-ipblocklist): - Pre-emptive blocking layer with ipset (~100k IPs) - Default sources: Data-Shield, Firehol Level 1 - Supports nftables (fw4) and iptables backends - LuCI KISS dashboard with sources/whitelist management Evolution #2 - AbuseIPDB Reporter (luci-app-crowdsec-dashboard v0.8.0): - New "AbuseIPDB" tab in CrowdSec Dashboard - crowdsec-reporter.sh CLI for reporting blocked IPs - RPCD handler luci.crowdsec-abuseipdb with 9 methods - Cron job for automatic reporting every 15 minutes - IP reputation checker in dashboard Evolution #3 - Log Denoising (luci-app-system-hub v0.5.2): - Three modes: RAW, SMART (noise ratio), SIGNAL_ONLY (filter known IPs) - Integrates with IP Blocklist ipset + CrowdSec decisions - RPCD methods: get_denoised_logs, get_denoise_stats - Denoise mode selector panel with noise ratio indicator Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
9 lines
414 B
Plaintext
9 lines
414 B
Plaintext
# CrowdSec AbuseIPDB Reporter - Run every 15 minutes
|
|
*/15 * * * * root [ "$(uci -q get crowdsec_abuseipdb.global.enabled)" = "1" ] && /usr/sbin/crowdsec-reporter.sh report >/dev/null 2>&1
|
|
|
|
# Reset daily stats at midnight
|
|
0 0 * * * root /usr/sbin/crowdsec-reporter.sh reset-daily >/dev/null 2>&1
|
|
|
|
# Reset weekly stats on Monday at midnight
|
|
0 0 * * 1 root /usr/sbin/crowdsec-reporter.sh reset-weekly >/dev/null 2>&1
|