Port details |
- crowdsec-firewall-bouncer CrowdSec bouncer written in golang for firewalls
- 0.0.27 security
=1 0.0.23.r2_12Version of this port present on the latest quarterly branch. - Maintainer: marco@crowdsec.net
 - Port Added: 2021-05-24 15:42:06
- Last Update: 2023-05-18 08:19:49
- Commit Hash: f69368c
- People watching this port, also watch:: json-c, sysinfo, python, miller
- License: MIT
- Description:
- Crowdsec bouncer written in golang for firewalls.
cs-firewall-bouncer will fetch new and old decisions from a CrowdSec API to add
them in a blocklist used by supported firewalls.
¦ ¦ ¦ ¦ 
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- crowdsec-firewall-bouncer>0:security/crowdsec-firewall-bouncer
- To install the port:
- cd /usr/ports/security/crowdsec-firewall-bouncer/ && make install clean
- To add the package, run one of these commands:
- pkg install security/crowdsec-firewall-bouncer
- pkg install crowdsec-firewall-bouncer
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: crowdsec-firewall-bouncer
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1684281311
SHA256 (crowdsecurity-cs-firewall-bouncer-v0.0.27-freebsd_GH0.tar.gz) = 1dba0604d0ff7d9035e2e2adcff42cddf7d0b63f23dd973ce692b6e18ee65126
SIZE (crowdsecurity-cs-firewall-bouncer-v0.0.27-freebsd_GH0.tar.gz) = 2600838
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- git : devel/git@lite
- gmake>=4.3 : devel/gmake
- go120 : lang/go120
- There are no ports dependent upon this port
Configuration Options:
- No options to configure
- Options name:
- security_crowdsec-firewall-bouncer
- USES:
- gmake go:no_targets
- pkg-message:
- For install:
-
crowdsec-firewall-bouncer is installed.
If you are running crowdsec on this machine, the bouncer will register itself with
the Local API when it's started the first time.
If the LAPI is on another machine, you need to manually register the bouncer
and fill api_key and api_url in /usr/local/etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml before
starting the service.
This package depends on the Packet Filter service.
To make sure it's active:
----------
# sysrc pf_enable=YES
pf_enable: NO -> YES
# service pf start
Enabling pf.
----------
Add the following in /etc/pf.conf to create the firewall tables and rules:
----------
table <crowdsec-blacklists> persist
table <crowdsec6-blacklists> persist
block drop in quick from <crowdsec-blacklists> to any
block drop in quick from <crowdsec6-blacklists> to any
----------
To apply the file:
# pfctl -f /etc/pf.conf
Then activate the bouncer via sysrc and run it:
----------
# sysrc crowdsec_firewall_enable="YES"
crowdsec_firewall_enable: NO -> YES
# service crowdsec_firewall start
----------
- WWW: https://github.com/crowdsecurity/cs-firewall-bouncer
- Master Sites:
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
0.0.27 18 May 2023 08:19:49
    |
Robert Clausecker (fuz)  Author: Marco Mariani |
security/crowdsec-firewall-bouncer: update to 0.0.27
Drop now upstreamed patches.
Relevant upstream change: greatly improved performance when syncing
blocklists with the central API.
Changelog:
https://github.com/crowdsecurity/cs-firewall-bouncer/releases/tag/v0.0.27
PR: 271452 |
0.0.23.r2_12 08 Apr 2023 15:13:25
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{119,120} update |
0.0.23.r2_11 31 Mar 2023 10:42:05
    |
Robert Clausecker (fuz)  |
security/crowdsec-firewall-bouncer: fix build on riscv64
Bump golang.org/x/sys dependency to a version new enough
to support riscv64-freebsd.
Sponsored by: Berliner Linux User Group e.V.
Approved by: portmgr (build fix blanket) |
0.0.23.r2_10 09 Mar 2023 19:18:07
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after Go ports update |
0.0.23.r2_9 15 Feb 2023 19:06:01
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{119,120} update |
0.0.23.r2_8 09 Feb 2023 21:55:23
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after GO_DEFAULT update. |
0.0.23.r2_7 14 Jan 2023 11:31:17
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTVERSION after lang/go{118,119} update |
0.0.23.r2_6 11 Dec 2022 11:17:27
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{118,119} update |
0.0.23.r2_5 06 Oct 2022 19:24:26
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{118,119} update |
0.0.23.r2_4 08 Sep 2022 16:33:18
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{118,119} update |
07 Sep 2022 21:58:51
    |
Stefan Eßer (se)  |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
0.0.23.r2_3 07 Sep 2022 21:10:59
    |
Stefan Eßer (se)  |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above ) |
0.0.23.r2_3 03 Aug 2022 21:35:13
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after Go update
Bump Go ports PORTREVISION after GO_DEFAULT and lang/go118 update. |
0.0.23.r2_2 14 Jul 2022 12:46:05
    |
Dmitri Goutnik (dmgk)  |
all: Bump PORTREVISION after lang/go{117,118} update |
0.0.23.r2_1 07 Jun 2022 21:56:10
    |
Dmitri Goutnik (dmgk)  |
*/*: Bump port revisons after lang/go{117,118} update |
0.0.23.r2 06 Jun 2022 18:19:10
    |
Dmitri Goutnik (dmgk)  |
*/*: Repair after switching to versioned Go ports
- Add 1.17 to USES=go for ports that still need go117, remove GO_PORT;
- Add missing ${SETENV} ${MAKE_ENV} to repair BINARY_ALIAS;
- Remove explicit dependencies on lang/go.
PR: 264336
Reviewed by: ygy jwb yuri mikael drtr0jan@yandex.ru decke mat
Differential Revision: https://reviews.freebsd.org/D35346 |
0.0.23.r2 21 Feb 2022 20:27:44
    |
Florian Smeets (flo)  Author: Marco Mariani |
security/crowdsec-firewall-bouncer: Update to 0.0.23.r2
- updated executable to upstream v0.0.23-rc2
- reverted configuration to manual editing of pf.conf (optionally
with an anchor)
- removed log rotation with newsyslog (implemented natively in the
executable)
- removed dependency on crowdsec package (can be on an external host) |
0.0.20 06 Feb 2022 16:28:28
    |
Kurt Jaeger (pi)  Author: Marco |
security/crowdsec{-firewall-bouncer}: handle pkg upgrade
- avoid flushing the firewall rules upon install by using pf anchors
- restart service after upgrade if it was running before
PR: 261304
MFH: 2022Q1 |
0.0.20 15 Jan 2022 13:15:52
    |
Rene Ladan (rene)  |
security/crowdsec*: update to their latest releases
security/crowdsec:
- update to version 1.2.3
security/crowdsec-firewall-bouncer:
- update to version 0.0.20
- update pkg-message
Add log rotation to both ports, and other small improvements.
PR: 260262 |
0.0.17 17 Dec 2021 12:32:57
    |
Sofian Brabez (sbz)  |
security/crowdsec-firewall-bouncer: update to 0.0.17
Update to 0.0.17 release and pass the maintainership to the submitter.
PR: 260264 |
0.0.13 14 Jul 2021 14:09:23
    |
Sofian Brabez (sbz)  |
security/crowdsec-firewall-bouncer: update to 0.0.13 |
0.0.12 24 May 2021 15:38:06
    |
Sofian Brabez (sbz)  |
security/crowdsec-firewall-bouncer: new port
Crowdsec bouncer written in golang for firewalls.
cs-firewall-bouncer will fetch new and old decisions from a CrowdSec API
to add them in a blocklist used by supported firewalls.
WWW: https://github.com/crowdsecurity/cs-firewall-bouncer |