il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cb4d17f99e136637c975ff12309f32f58b0dd60d
ilnmors-homelab/docs/issues/crowdsec/260404_opencloud.md
il cb4d17f99e docs(issues): add the past issues which existed before tracking issues 
add crowdsec false positive issues

fix the file name of affine android oidc issues
2026-04-27 19:50:04 +09:00

1013 B
Raw Blame History

OpenCloud crowdsec false positive issue

Status

  • Finished

Date

  • 2026-04-04

Version

  • OpenCloud: 4.0.4

Problem

  • When users download some files, all connections to homelab services are refused.
    • fw ban users' IP address.

Reason

  • OpenCloud uses chunks when clients uploads or download files to it.
  • LAPI decides a ban when a lot of chunks file is uploaded or downloaded from external devices

Timeline

  • 2026-04-04: Release Immich
  • 2026-04-04: Find the false positive case, and add whitelist

Solution

  • Access to fw
    • Check the ban list with sudo cscli alerts list
    • Read the ban case with sudo cscli alerts inspect $NUMBER
  • Add regex on whitelist
    • evt.Meta.target_fqdn == '{{ services['opencloud']['domain']['public'] }}.{{ domain['public'] }}' && evt.Meta.http_path contains '/js/chunks/'
  • Delete false positive decision
    • Check false positive decision with sudo cscli decision list
    • Delete false positive decision with sudo cscli decision list --id $ID
Reference in New Issue View Git Blame Copy Permalink