Best way to integrate CrowdSec with HestiaCP IPTables?

As I am running Fail2Ban at the same time, I was considering installing CrowdSec in addition to Fail2Ban. However, I am wondering how I would implement CrowdSec properly in my HestiaCP installation. Does anyone have any suggestion as to how I would properly go about running CrowdSec alongside Fail2Ban & HestiaCP in the most easily integrated manner?

Thanks in advance

fail2ban not enough? It works very well. I recommend writing your filters and it’s great

Fail2ban is not CrowdSec. Personally I recommend using CrowdSec RBL feed to block the bad IPs, I think it’s called Blocklist mirror.

I’m aware that they’re not the same, I want to run both at the same time. But if I can get the feed from CrowdSec and have it loaded into Fail2Ban, then I guess it would achieve the same. I’ll look into it, thanks.

I don’t use the firewall panel from Hestia, nor fail2ban.

On my custom setup I have iptables / shorewall / ipset / crowdsec.
I use the crowdsec-firewall-bouncer in ipset mode.
At startup I create my set, and then I start the bouncer, which will use that set. And on shorewall I just drop everything from that set.

I have tried to use the ipset mode with Hestia, but you can’t create an empty set… Then I have just dropped everything from Hestia for the firewall part, and manage everything through my scripts and the command line…
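
The startup order described in the post above (create the set, start the bouncer in ipset mode, drop traffic from the set), as an added example that is not from the thread. It assumes `mode: ipset` in the bouncer config with the set names `crowdsec-blacklists` / `crowdsec6-blacklists`, the `crowdsec-firewall-bouncer` systemd unit, and plain iptables rules standing in for the poster's Shorewall rule.

```shell
#!/bin/sh
# Added example. Set names are assumptions: they must match
# blacklists_ipv4 / blacklists_ipv6 in crowdsec-firewall-bouncer.yaml.
SET4="${SET4:-crowdsec-blacklists}"
SET6="${SET6:-crowdsec6-blacklists}"

# run CMD...: execute the command, or only print it when DRY_RUN=1
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Create both sets before the bouncer starts; in ipset mode it expects them
# to exist. -exist makes reruns harmless. The sets are created with timeout
# support so entries can expire when the matching decision does.
create_sets() {
    run ipset -exist create "$SET4" hash:net family inet timeout 300
    run ipset -exist create "$SET6" hash:net family inet6 timeout 300
}

# Drop traffic whose source is in the set. -C checks for the rule first so
# repeated runs do not stack duplicate rules in INPUT.
drop_rule() {  # $1 = iptables|ip6tables, $2 = set name
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$1 -I INPUT -m set --match-set $2 src -j DROP"
    elif ! "$1" -C INPUT -m set --match-set "$2" src -j DROP 2>/dev/null; then
        "$1" -I INPUT -m set --match-set "$2" src -j DROP
    fi
}

setup() {
    create_sets
    drop_rule iptables "$SET4"
    drop_rule ip6tables "$SET6"
    run systemctl start crowdsec-firewall-bouncer
}

# Only touch the firewall when invoked as: script.sh apply
if [ "${1:-}" = "apply" ]; then setup; fi
```

Running it with `DRY_RUN=1` prints the commands without changing anything, which is useful for checking the set names against the bouncer config first.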

Use webmin and it has a great firewall editor. You will have to use

iptables-legacy-save

after you apply and save. I found that, even though it is Linux, I have to reboot to get the rules to stick.

One of my rules:

Has anyone integrated this with the Hestia firewall? I had an issue with integrating and now have a potential workaround, but I’m wondering if someone has found a more elegant solution.

Thanks!