Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New package: security/pfSense-pkg-crowdsec. Implement #14712 #1311

Open
wants to merge 6 commits into
base: devel
Choose a base branch
from

Conversation

mmetc
Copy link
Contributor

@mmetc mmetc commented Nov 6, 2023

Hi!

We (CrowdSec) would like to contribute this plugin, which has been requested by our users for a while. Any feedback and suggestion is welcome.

It provides full integration with a crowdsec engine for thread detection and remediation. The engine can be offloaded to a separate machine to spare CPU cycles, or installed within pfsense. The remediation component synchronizes the block lists with a PF table. We tried to follow your practices with regards to development patterns and conventions. The UI may seem a little off mainly for the javascript tables, we can improve that on a later release.

The package brings some dependencies that are currently not built by pfsense:

  • crowdsec 1.5.5 (upstream freebsd version -- pfsense is at 1.5.4)
  • crowdsec-firewall-bouncer 0.0.28_1 (pfsense is at 0.0.28)
  • re2
  • abseil

Until the package is accepted in the mainstream repository, it can be tested with our provided binaries - basic documentation here: https://docs.crowdsec.net/docs/next/getting_started/install_crowdsec_pfsense

Since we need to read/write YAML to configure crowdsec, we embedded the symfony/yaml packge. If there is a cleaner solution to provide it as dependency or an alternative package, let us know.

First time contributors here, so please be lenient (with @julienloizelet, he wrote the good parts)

Related issue: https://redmine.pfsense.org/issues/14712

@mmetc mmetc force-pushed the crowdsec branch 2 times, most recently from c53b465 to ddccdf7 Compare January 3, 2024 12:33
@buixor
Copy link

buixor commented Mar 15, 2024

Hello,

Can we do anything to help this move forward?

Thanks,

@pushc6
Copy link

pushc6 commented Jun 27, 2024

Bumping this. Would love to see this be officially added.

@j007bond007
Copy link

I'd like to see this added as well please!

@andrebrait
Copy link

andrebrait commented Aug 1, 2024

This is weird.

This PR has been open for so long the package versions are already out of date, and no one got to even look at it?

Even more surprising is the fact it's CrowdSec. It's not a minor project in any shape or form.

Are the (pfSense) maintainers overwhelmed with work from other areas or something?

@mmetc
Copy link
Contributor Author

mmetc commented Aug 2, 2024

Hi @andrebrait

For my part I am committed to keeping this PR up to date and release binaries in https://github.com/crowdsecurity/pfSense-pkg-crowdsec/releases

I will do some backlog work and release a new version when 1.6.3 is out, probably in a couple of weeks

@Enissay
Copy link

Enissay commented Aug 21, 2024

I hope this will get validated and merged before it turns 1yo!

@j007bond007
Copy link

Any updates on this? Seems like it's taking a long time.

@Enissay
Copy link

Enissay commented Oct 9, 2024

Why not validate this already, it will be a great addition to pfsense!

@Enissay
Copy link

Enissay commented Oct 9, 2024

This is weird.

This PR has been open for so long the package versions are already out of date, and no one got to even look at it?

Even more surprising is the fact it's CrowdSec. It's not a minor project in any shape or form.

Are the (pfSense) maintainers overwhelmed with work from other areas or something?

Frankly the more time passes, the more this seems to be on purpose. Could it be they are prepping their own CrowdSec alt ? well I really hope so, just get it over with and give us something >_>

@michmoor0725
Copy link

Fair to say the Netgate team has been under pressure for quite some time with the MIM project. That said I can't believe this PR can't be merged. There is something else going on we are not privy to.

@marcos-ng marcos-ng changed the title new package: security/pfSense-pkg-crowdsec v0.1 New package: security/pfSense-pkg-crowdsec. Implement #14712 Oct 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants