Crowdsec packages for OpenWrt

You have the default port which is already used !
You have to modify port from 8080 to something else... (I personally use 9999)...
Then you must reconfigure the config.yaml and local_api.yaml
This all was partially automated in the latest PR...
An external script will now be usable to reconfigure from /etc/config/crowdsec.

Oh OK, can you guide me on how to change the port?

The next release will add these parameters in cat /etc/config/crowdsec file.

config crowdsec 'crowdsec'
	option data_dir '/srv/crowdsec/data'
	option db_path '/srv/crowdsec/data/crowdsec.db'
	option lapi_host '127.0.0.1'
	option lapi_port '9999'
	option configdir '/etc/crowdsec'

Add them manually and then...
use the script from the PR...
https://raw.githubusercontent.com/openwrt/packages/492699eb8a02e6b15980f1d6bab0d050939018fc/net/crowdsec/files/crowdsec.script
You can try to download it on the OpenWrt target with:
Create the necessary directory for the script;

mkdir -p /usr/lib/crowdsec/scripts

Download it and save it in the folder:

wget https://raw.githubusercontent.com/openwrt/packages/492699eb8a02e6b15980f1d6bab0d050939018fc/net/crowdsec/files/crowdsec.script -O /usr/lib/crowdsec/scripts/cs_script.sh

Then you can use it directly (look at the end of the wiki page, already documented partially...) with;

. /usr/lib/crowdsec/scripts/cs_script.sh

A full synchronisation of your modifications from /etc/config/crowdsec can be done with:

cs_prepare # to check the necessary directories…
cs_init # to prepare the config file with modified settings…
cs_register # to check the LAPI and CAPI registering status and register the local host…
cs_hub # to update hub, install collections from hub, and upgrade from hub…

Then check, as usual, with the cscli command line tool and also the log files in /var/log/crowdsec*.log
This all will be better handled with more commands in the next release of the script! :innocent:

Hi, thanks for your detailed explanation. This is my Output for the cs_hub.

root@rpi4-e45f01048a /42# cs_hub
INFO[07-02-2022 02:39:02 PM] Wrote new 277818 bytes index to /etc/crowdsec/hub/.index.json
WARN[07-02-2022 02:39:02 PM] crowdsecurity/syslog-logs : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/geoip-enrich : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/dateparse-enrich : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/sshd-logs : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/ssh-bf : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/ssh-slow-bf : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/sshd : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/sshd : overwrite
WARN[07-02-2022 02:39:02 PM] crowdsecurity/linux : overwrite
INFO[07-02-2022 02:39:02 PM] /etc/crowdsec/collections/sshd.yaml already exists.
INFO[07-02-2022 02:39:02 PM] /etc/crowdsec/collections/linux.yaml already exists.
INFO[07-02-2022 02:39:02 PM] Enabled crowdsecurity/linux
INFO[07-02-2022 02:39:02 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
INFO[07-02-2022 02:39:02 PM] crowdsecurity/iptables-logs : OK
INFO[07-02-2022 02:39:02 PM] Enabled parsers : crowdsecurity/iptables-logs
INFO[07-02-2022 02:39:02 PM] crowdsecurity/iptables-scan-multi_ports : OK
INFO[07-02-2022 02:39:02 PM] Enabled scenarios : crowdsecurity/iptables-scan-multi_ports
INFO[07-02-2022 02:39:02 PM] crowdsecurity/iptables : OK
INFO[07-02-2022 02:39:02 PM] Enabled collections : crowdsecurity/iptables
INFO[07-02-2022 02:39:02 PM] Enabled crowdsecurity/iptables
INFO[07-02-2022 02:39:02 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
WARN[07-02-2022 02:39:03 PM] crowdsecurity/whitelists : overwrite
INFO[07-02-2022 02:39:03 PM] Enabled crowdsecurity/whitelists
INFO[07-02-2022 02:39:03 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
INFO[07-02-2022 02:39:03 PM] Upgrading collections
INFO[07-02-2022 02:39:03 PM] crowdsecurity/base-http-scenarios : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/sshd : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/linux : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/iptables : up-to-date
INFO[07-02-2022 02:39:03 PM] All collections are already up-to-date
INFO[07-02-2022 02:39:03 PM] Upgrading parsers
INFO[07-02-2022 02:39:03 PM] crowdsecurity/dateparse-enrich : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/sshd-logs : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/syslog-logs : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/geoip-enrich : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/whitelists : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-logs : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/iptables-logs : up-to-date
INFO[07-02-2022 02:39:03 PM] All parsers are already up-to-date
INFO[07-02-2022 02:39:03 PM] Upgrading scenarios
INFO[07-02-2022 02:39:03 PM] crowdsecurity/iptables-scan-multi_ports : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/ssh-slow-bf : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-generic-bf : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-probing : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/ssh-bf : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-sensitive-files : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-xss-probing : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-backdoors-attempts : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-open-proxy : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-sqli-probing : up-to-date
INFO[07-02-2022 02:39:03 PM] ltsich/http-w00tw00t : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-bad-user-agent : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-path-traversal-probing : up-to-date
INFO[07-02-2022 02:39:03 PM] crowdsecurity/http-crawl-non_statics : up-to-date
INFO[07-02-2022 02:39:03 PM] All scenarios are already up-to-date
INFO[07-02-2022 02:39:03 PM] Upgrading postoverflows
INFO[07-02-2022 02:39:03 PM] No postoverflows installed, nothing to upgrade
root@rpi4-e45f01048a /43#

Is it looking healthy? I mean, have I set up CrowdSec properly? If I have to use nftables, should I uninstall iptables?

Have you done the other commands?
Is the log ok also ?
Remember to restart the service with

service crowdsec restart

after such modifications, and when asked by the feedbacks.

If you want to use nftables, just install it !
It will be detected and used in priority by the crowdsec-firewall-bouncer.
Just look at the output when restarting the firewall bouncer service;

service crowdsec-firewall-bouncer restart

I will add a more explicit output, with something like : using the ... backend! in a later PR... may be... :sunglasses:

Yes, I did restart the firewall bouncer and also crowdsec. It says no postoverflows installed. Is it normal? And I have iptables and nftables both installed and it took nftables as default.
But how do I check whether nftables is working?

Already answered on the wiki!
I am not using nftables, so I do not remember (but wrote it on the wiki already)
overflows are another protection...

use cscli decisions list to see what is used from the central IP share by crowdsec servers !

This is the error I am getting:

root@rpi4-e45f01048a /43# cscli decisions list

FATA[07-02-2022 03:21:07 PM] Unable to list decisions : performing request: Get "http://127.0.0.1:9999/v1/alerts?has_active_decision=true&include_capi=false&limit=100": could not get jwt token: Post "http://127.0.0.1:9999/v1/watchers/login": dial tcp 127.0.0.1:9999: connect: connection refused

After restarting the CrowdSec service, I have no active decision!

Hi, I used your latest script and I get an error output when I type cscli metrics

root@rpi4-e45f01048a /44# cscli metrics
FATA[07-02-2022 05:14:08 PM] failed to fetch prometheus metrics : executing GET request for URL "http://127.0.0.1:6060/metrics" failed: Get "http://127.0.0.1:6060/metrics": dial tcp 127.0.0.1:6060: connect: connection refused

What is wrong with my setup?

What commands have you run?
Please post:

cat /etc/config/crowdsec

Then issue:

. /usr/lib/crowdsec/scripts/cs_script.sh
cs_prepare # to check the necessary directories…
cs_init # to prepare the config file with modified settings…
cs_register # to check the LAPI and CAPI registering status and register the local host…
cs_hub # to update hub, install collections from hub, and upgrade from hub…

And copy/paste here the results...

Then issue a new;

service crowdsec restart

and another;

cscli metrics

root@rpi4-e45f01048a /42# cat /etc/config/crowdsec

config crowdsec 'crowdsec'
option data_dir '/srv/crowdsec/data'
option db_path '/srv/crowdsec/data/crowdsec.db'
option configdir '/etc/crowdsec'
option lapi_host '127.0.0.1'
option lapi_port '8888

I did exactly as you described above. Even then I am getting the same error. I don't know why.

Here is the complete log from the above command


root@rpi4-e45f01048a /41# cs_prepare
root@rpi4-e45f01048a /48# cs_init
Modify initial config file: /etc/crowdsec/config.yaml
root@rpi4-e45f01048a /45# cs_register
INFO: local API already registered…
INFO: online API already registered…
root@rpi4-e45f01048a /45# cs_hub
INFO[07-02-2022 06:15:41 PM] Wrote new 277818 bytes index to /etc/crowdsec/hub/.index.json
WARN[07-02-2022 06:15:42 PM] crowdsecurity/syslog-logs : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/geoip-enrich : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/dateparse-enrich : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/sshd-logs : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/ssh-bf : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/ssh-slow-bf : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/sshd : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/sshd : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/linux : overwrite
INFO[07-02-2022 06:15:42 PM] /etc/crowdsec/collections/sshd.yaml already exists.
INFO[07-02-2022 06:15:42 PM] /etc/crowdsec/collections/linux.yaml already exists.
INFO[07-02-2022 06:15:42 PM] Enabled crowdsecurity/linux
INFO[07-02-2022 06:15:42 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
WARN[07-02-2022 06:15:42 PM] crowdsecurity/iptables-logs : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/iptables-scan-multi_ports : overwrite
WARN[07-02-2022 06:15:42 PM] crowdsecurity/iptables : overwrite
INFO[07-02-2022 06:15:42 PM] /etc/crowdsec/collections/iptables.yaml already exists.
INFO[07-02-2022 06:15:42 PM] Enabled crowdsecurity/iptables
INFO[07-02-2022 06:15:42 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
WARN[07-02-2022 06:15:43 PM] crowdsecurity/whitelists : overwrite
INFO[07-02-2022 06:15:43 PM] Enabled crowdsecurity/whitelists
INFO[07-02-2022 06:15:43 PM] Run 'sudo systemctl reload crowdsec' for the new configuration to be effective.
INFO[07-02-2022 06:15:43 PM] Upgrading collections
INFO[07-02-2022 06:15:43 PM] crowdsecurity/whitelist-good-actors : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/freebsd : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/modsecurity : up-to-date
INFO[07-02-2022 06:15:43 PM] fulljackz/pureftpd : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/cpanel : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mssql : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/linux : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mysql : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/pgsql : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/iptables : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/proftpd : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/postfix : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows-firewall : up-to-date
INFO[07-02-2022 06:15:43 PM] jusabatier/apereo-cas : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/wordpress : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/lemonldap-ng : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/pf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/asterisk : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/haproxy : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/nextcloud : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/sshd : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/zimbra : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/vsftpd : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/base-http-scenarios : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/home-assistant : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/traefik : up-to-date
INFO[07-02-2022 06:15:43 PM] All collections are already up-to-date
INFO[07-02-2022 06:15:43 PM] Upgrading parsers
INFO[07-02-2022 06:15:43 PM] crowdsecurity/home-assistant-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/tcpdump-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/vsftpd-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/pf-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] fulljackz/proxmox-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/cpanel-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/geoip-enrich : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/modsecurity : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mssql-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/smb-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/lemonldap-ng : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/asterisk-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/nextcloud-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/postfix-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/sshd-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/syslog-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] fulljackz/pureftpd-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/apache2-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/zimbra-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/haproxy-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/nginx-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/pgsql-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/postscreen-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows-auth : up-to-date
INFO[07-02-2022 06:15:43 PM] jusabatier/apereo-cas-audit-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/fastly-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows-firewall-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/dateparse-enrich : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/pam-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/whitelists : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/iptables-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mysql-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/proftpd-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/traefik-logs : up-to-date
INFO[07-02-2022 06:15:43 PM] All parsers are already up-to-date
INFO[07-02-2022 06:15:43 PM] Upgrading scenarios
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-backdoors-attempts : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/postfix-spam : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/modsecurity : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/telnet-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/home-assistant-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/pf-scan-multi_ports : up-to-date
INFO[07-02-2022 06:15:43 PM] ltsich/http-w00tw00t : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-crawl-non_statics : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/asterisk_bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/pulse-secure-sslvpn-cve-2019-11510 : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-sensitive-files : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/ssh-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-probing : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-sqli-probing : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/thinkphp-cve-2018-20062 : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/windows-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/lemonldap-ng-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] firewallservices/zimbra-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/apache_log4j2_cve-2021-44228 : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-bad-user-agent : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/nextcloud-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/pgsql-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/cpanel-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mysql-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/smb-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/ssh-slow-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/ban-defcon-drop_range : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/iptables-scan-multi_ports : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-open-proxy : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-xss-probing : up-to-date
INFO[07-02-2022 06:15:43 PM] fulljackz/pureftpd-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/dovecot-spam : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/vsftpd-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] jusabatier/apereo-cas-slow-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/proftpd-bf_user-enum : up-to-date
INFO[07-02-2022 06:15:43 PM] jusabatier/apereo-cas-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] jusabatier/cas-slow-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-generic-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-path-traversal-probing : up-to-date
INFO[07-02-2022 06:15:43 PM] fulljackz/proxmox-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/asterisk_user_enum : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/proftpd-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-wordpress_wpconfig : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/mssql-bf : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/http-bf-wordpress_bf : up-to-date
INFO[07-02-2022 06:15:43 PM] All scenarios are already up-to-date
INFO[07-02-2022 06:15:43 PM] Upgrading postoverflows
INFO[07-02-2022 06:15:43 PM] crowdsecurity/cdn-whitelist : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/rdns : up-to-date
INFO[07-02-2022 06:15:43 PM] crowdsecurity/seo-bots-whitelist : up-to-date
INFO[07-02-2022 06:15:43 PM] All postoverflows are already up-to-date

root@STARGATE:~# cat /etc/crowdsec/local_api_credentials.yaml | grep url
url: http://127.0.0.1:9999
root@STARGATE:~# cat /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml | grep url
api_url: http://localhost:9999/
root@STARGATE:~# cat /etc/crowdsec/config.yaml | grep listen_uri
    listen_uri: 127.0.0.1:9999

Can you post yours:

cat /etc/crowdsec/config.yaml | grep listen_uri
cat /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml | grep url
cat /etc/crowdsec/local_api_credentials.yaml | grep url

You can also do a cscli lapi status to check that LAPI is working well, and your host is correctly registered:

cscli lapi status
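
The three values compared in the post above (listen_uri in config.yaml, url in local_api_credentials.yaml, api_url in the bouncer config) must carry the same port as lapi_port in /etc/config/crowdsec, because cscli and the bouncer connect to the port in their own files and get "connection refused" if nothing listens there. The following POSIX shell check is an added example, not part of the thread or of the package's cs_script.sh; the function names are hypothetical and the sample files are constructed to mirror the values posted here.

```shell
#!/bin/sh
# Added example (not from the thread or the package): check that the LAPI
# port agrees across the files compared above. Function names are hypothetical.

# Print the port of "host:port" or "http://host:port/"; prints nothing if absent.
port_of() {
    printf '%s\n' "$1" |
        sed -n 's/[[:space:]]*$//; s#^[a-z]*://##; s#/.*$##; s#^.*:\([0-9][0-9]*\)$#\1#p'
}

# First value of "key: value" in a YAML file, with quotes removed.
yaml_value() {
    sed -n "s/^[[:space:]]*${1}:[[:space:]]*//p" "$2" 2>/dev/null |
        head -n 1 | tr -d "\"'\r"
}

# Value of "option <name> '<value>'" in a UCI file such as /etc/config/crowdsec.
uci_option() {
    sed -n "s/^[[:space:]]*option[[:space:]][[:space:]]*${1}[[:space:]][[:space:]]*//p" \
        "$2" 2>/dev/null | head -n 1 | tr -d "\"'\r"
}

# Args: UCI file, config.yaml, local_api_credentials.yaml, bouncer yaml.
# Returns 0 if every port equals lapi_port, 1 on mismatch, 2 if a value is missing.
check_lapi_ports() {
    want=$(uci_option lapi_port "$1")
    if [ -z "$want" ]; then
        echo "MISSING  lapi_port in $1"; return 2
    fi
    _rc=0
    for pair in "listen_uri:$2" "url:$3" "api_url:$4"; do
        key=${pair%%:*}; file=${pair#*:}
        got=$(port_of "$(yaml_value "$key" "$file")")
        if [ -z "$got" ]; then
            echo "MISSING  $key in $file"; _rc=2
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $key in $file: port $got, lapi_port is $want"
            [ "$_rc" -eq 0 ] && _rc=1
        else
            echo "OK       $key in $file: port $got"
        fi
    done
    return "$_rc"
}

# Constructed sample: UCI file says 8888 while the YAML files still say 8080.
demo() {
    d=$(mktemp -d) || return 1
    printf "config crowdsec 'crowdsec'\n\toption lapi_host '127.0.0.1'\n\toption lapi_port '8888'\n" > "$d/uci"
    printf 'api:\n  server:\n    listen_uri: 127.0.0.1:8080\n' > "$d/config.yaml"
    printf 'url: http://127.0.0.1:8080\n' > "$d/creds.yaml"
    printf 'api_url: http://localhost:8080/\n' > "$d/bouncer.yaml"
    demo_rc=0
    check_lapi_ports "$d/uci" "$d/config.yaml" "$d/creds.yaml" "$d/bouncer.yaml" || demo_rc=$?
    rm -rf "$d"
    echo "exit status: $demo_rc"
}
demo
```

On a router, call check_lapi_ports with /etc/config/crowdsec, /etc/crowdsec/config.yaml, /etc/crowdsec/local_api_credentials.yaml and /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml; a clean result still leaves cscli lapi status as the check that the service is actually listening.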

Hi, I was so impatient that I uninstalled the crowdsec package completely and came for night duty because it gave me continuous errors.
Tomorrow morning I will try the steps you explained to me after reinstalling CrowdSec. Sorry, no offense. Your package is great and it was working great till before. But I don't know what happened now... I will try to get it to working mode again.

Can you please tell me, is there a way to back up and reinstall the configs including the parsers/collections? It's a very time-consuming process every time I have to manually reinstall every collection/addon for CrowdSec....

Yes, this is already explained in the wiki!
You can back up and restore.
Confs are partly already kept while upgrading the package in OpenWrt... but it still has to be enhanced!

And I may also add RTFM :stuck_out_tongue_winking_eye:

Then, try this;

  • Check and modify your /etc/config/crowdsec
  • Install the crowdsec package

Look to correct some config files from your saved one ( any file with .yaml-opkg-backup in /etc/crowdsec/ )
Do not simply restore them by copying, because some stuff may require unique ID reference from crowdsec.db, made by cscli command at initialization stage, which is done at post install of the package.

Feel free to post your experience here…
It may help to fix some bugs, and also may advice to experiment more user friendly experience in the re-install or upgrade process…
I plan to enhance the new script with more automated behaviors like;

  • health check status
  • reports
  • recover of user configs in upgrade
  • backup and restore with uninstall and upgrade
  • full reset
  • … may be more …

Here is the output of the commands which you asked me to execute....

root@rpi4-e45f01048a /44# cat /etc/crowdsec/config.yaml | grep listen_uri
listen_uri: 127.0.0.1:8080
root@rpi4-e45f01048a /43# cat /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml | grep url
api_url: http://localhost:8080/
root@rpi4-e45f01048a /43# cat /etc/crowdsec/local_api_credentials.yaml | grep url
url: http://127.0.0.1:8080
root@rpi4-e45f01048a /42# cscli lapi status
INFO[08-02-2022 11:25:15 AM] Loaded credentials from /etc/crowdsec/local_api_credentials.yaml
INFO[08-02-2022 11:25:15 AM] Trying to authenticate with username bd4ff515dd5b4905af6891bc631e3c9azALe7K4jMPjyb00s on http://127.0.0.1:8080/
INFO[08-02-2022 11:25:15 AM] You can successfully interact with Local API (LAPI)
root@rpi4-e45f01048a /43#

Can you please suggest which scenarios/collections/parsers should be installed as default?

All works fine then !
:+1:

Defaults ones may be sufficient...

Generally it depends on what your system is hosting and needs to protect.
I have an OpenWrt host with Dockerized NextCloud and NginxProxyManager, so I installed the two needed collections and set them to my own usage (already shared the experience in the wiki as example...)

For OpenWrt specifics, like ssh, luci, ... there is nothing for now.
This is in my TODO (an issue on Upstream CrowdSec may also refer to this need...)
This is still a work in progress (TODO) for OpenWrt specifics analysis...
Do not hesitate to contribute if you care... :wink:

I also plan to make a LuCI component...
A lot of work to do, but a lot already done!

I may also suggest you try the CrowdSec WebConsole beta test program.
It gives you Web access to your personal alerts...
I can see on it the daily attack attempts on my Gateway! :sunglasses:

I am in the debug of email alerts, still not working, that I will share here and on Wiki when working !

There is, as already said the cscli configs show/backup/restore... but...

There is also, already the default OpenWrt backup of configs, and also for crowdsec, the backup of /etc/crowdsec/*.yaml...

You can just look at any file ending with -opkg.backup -opkg in /etc/crowdsec/ folders.
This is already managed by the OpenWrt opkg command, which makes a backup of any user-modified file and also keeps the old file.