dnutan
(Marc)
April 8, 2024, 7:23pm
1
ns8-crowdsec v1.0.7-dev.4
It doesn’t affect me but just a small issue I noticed last weekend (unless the intention is just to allow main domains).
FQDN validation is limited to three levels.
1 Like
LayLow
(HF)
April 8, 2024, 7:49pm
2
Interesting, made me read this Fully qualified domain name - Wikipedia
So it seems we have a FQDN in DNS and in Human readable terms?
stephdl
(Stéphane de Labrusse)
April 9, 2024, 6:51am
3
hello
could you test
```
add-module ghcr.io/nethserver/crowdsec:validatetextarea
```
NethServer:main
← NethServer:ValidateTextarea
opened 06:48AM - 09 Apr 24 UTC
see https://community.nethserver.org/t/ns8-crowdsec-limited-domain-levels-in-all… ow-list/23301
the regex seems to validate at least 3 strings for a fqdn, we need to validate more than `foo.joe.com`. Furthermore @DavidePrincipi asked to validate everything in the json schema rather than in the UI
Refs https://github.com/NethServer/dev/issues/6900
what I learned:
- idn-email json schema accepts really fun email addresses: https://en.wikipedia.org/wiki/Email_address#Internationalization
- hostname accepts 1.2.3.450 as a valid hostname, hard to validate ipv4, I needed to make a regex to validate hostname
- format ipv4 does not validate cidr ipv4 (I did a regex to validate a cidr ipv4)
- format ipv6 does not validate cidr ipv6 (I did a regex to validate both)
- empty array must be validated too :p
now we have a full json schema validation, nothing more in UI
![Capture d’écran du 2024-04-09 13-01-29](https://github.com/NethServer/ns8-crowdsec/assets/3164851/528d9741-7f36-43c3-a506-e955f56047f9)
![Capture d’écran du 2024-04-09 13-01-44](https://github.com/NethServer/ns8-crowdsec/assets/3164851/052df608-0672-464f-9657-e65c6087b418)
![Capture d’écran du 2024-04-09 13-01-58](https://github.com/NethServer/ns8-crowdsec/assets/3164851/6108e3b5-84fb-4aa5-b8a9-49da66a8c45e)
![image](https://github.com/NethServer/ns8-crowdsec/assets/3164851/e65eb58f-2058-4a9b-81ba-2263714e7c8e)
the test data
```
10.10.10.0/24
2002::1234:abcd:ffff:c0a8:101/64
2002:0000:0000:1234:ffff:ffff:ffff:ffff
1.2.3.44
foo.org
foo.foo.org
12123564.org
```
4 Likes
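An added example, not the module's code or its JSON schema: a Python validator for the kinds of allow-list entries the post above lists, accepting host names of any depth and IPv4/IPv6 addresses with an optional CIDR prefix, while rejecting dotted numbers such as 1.2.3.450. The function names and the last four sample entries are assumptions made for illustration; the first seven entries are the test data from the post.

```python
import ipaddress
import re

# One DNS label: 1-63 letters, digits or hyphens, no hyphen at either end.
LABEL = r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
# Two or more labels, with no upper bound on depth.
FQDN_RE = re.compile(rf"{LABEL}(?:\.{LABEL})+")


def is_fqdn(value):
    """Host name of any depth whose last label is not purely numeric."""
    if len(value) > 253 or not FQDN_RE.fullmatch(value):
        return False
    # Rejects dotted numbers such as 1.2.3.450 that are not valid IPv4.
    return not value.rsplit(".", 1)[1].isdigit()


def classify(entry):
    """Return 'ipv4', 'ipv6', 'ipv4-cidr', 'ipv6-cidr', 'fqdn' or None."""
    addr, slash, prefix = entry.partition("/")
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        # Not an address: only a bare host name (no "/") can still be valid.
        return "fqdn" if not slash and is_fqdn(entry) else None
    if not slash:
        return f"ipv{ip.version}"
    # Prefix must be a decimal number within 0-32 (IPv4) or 0-128 (IPv6).
    if prefix.isascii() and prefix.isdigit() and int(prefix) <= ip.max_prefixlen:
        return f"ipv{ip.version}-cidr"
    return None


# First seven entries: test data from the post. The rest are constructed.
SAMPLE = [
    "10.10.10.0/24", "2002::1234:abcd:ffff:c0a8:101/64",
    "2002:0000:0000:1234:ffff:ffff:ffff:ffff", "1.2.3.44",
    "foo.org", "foo.foo.org", "12123564.org",
    "mail.eu.foo.joe.com", "1.2.3.450", "10.10.10.0/33", "-bad.foo.org",
]

if __name__ == "__main__":
    for item in SAMPLE:
        print(f"{item:45} {classify(item) or 'REJECTED'}")
```

Parsing addresses with `ipaddress` instead of a regex is a choice made for this example; the post describes regex patterns inside the JSON schema.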
dnutan
(Marc)
April 9, 2024, 12:16pm
4
Tested and the fix is working!
1 Like
stephdl
(Stéphane de Labrusse)
April 9, 2024, 12:18pm
5
thanks, @davidep asked me to do differently, I will ping you asap if you could verify it
2 Likes
davidep
(Davide Principi)
April 9, 2024, 4:14pm
6
The module version for testing is 1.0.7-dev.5. Install it with
```
add-module ghcr.io/nethserver/crowdsec:1.0.7-dev.5 1
```
Replace the trailing 1 with the preferred node ID.
Update existing installations with
```
api-cli run update-module --data '{"module_url":"ghcr.io/nethserver/crowdsec:1.0.7-dev.5","instances":["crowdsec1"]}'
```
Replace crowdsec1 with the relevant module ID.
Frontend validation was replaced by the API validator, implemented with JSON schema.
there is an open issue with the container implementation: if restarted frequently it might hit a GeoIP DB download limit
1 Like
stephdl
(Stéphane de Labrusse)
April 10, 2024, 2:04pm
8
the geo_ip download is done just one time at the installation, it might happen every 15 days when we trigger a hub update
Maybe I played too much with the crowdsec installation, however it is a dev and tester issue, be aware
Trying to install crowdsec by container I fail at the first start with a 403 Mar 19 11:16:52 R1-pve.rocky9-pve.org crowdsec1[27844]: time="19-03-2024 10:16:52" level=fatal msg="Failed to get Hub index : failed to download index: bad http code 403...
1 Like
davidep
(Davide Principi)
April 10, 2024, 2:07pm
9
Thank you all, version 1.0.7 is now publicly available!
BTW it seems there’s an ongoing upstream issue. Installation fails
```
Running: cscli parsers install "crowdsecurity/docker-logs"
time="2024-04-10T14:08:28Z" level=fatal msg="error while installing 'crowdsecurity/docker-logs': while downloading crowdsecurity/docker-logs: Get \"https://hub-cdn.crowdsec.net/master/parsers/s00-raw/crowdsecurity/docker-logs.yaml\": read tcp [2a03:b0c0:3:d0::1a24:9001]:59728->[2600:9000:223c:da00:16:30f4:d640:93a1]:443: read: connection reset by peer"
```
connection reset by peer
In similar cases:
- remove the module
- try to reinstall