Closed Orgoth closed 5 months ago
@Orgoth: Thanks for opening an issue, it is currently awaiting triage.
In the meantime, you can:
What happened?
I needed to change the port of crowdsec from 8080 to 9090 since a other process needs this port. After changing the configs to 9090, the crowdsec-firewall-bouncer wont start anymore without a helpful error message.
/usr/bin/crowdsec-firewall-bouncer -c /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml time="26-06-2024 11:01:33" level=fatal msg="process terminated with error: bouncer stream halted"
What did you expect to happen?
It should start. :)
How can we reproduce it (as minimally and precisely as possible)?
new server instance of ubuntu run a nodejs server on port 8080 Install the current version of crowdsec and firewall-bouncer-iptables. change port from 8080 to 9090 /etc/crowdsec/config.yaml /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
restart crowdsec restart crowdsec-firewall-bouncer-iptables
crowdsec it self starts without errors firewall-bouncer wont
test: /usr/bin/crowdsec-firewall-bouncer -c /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml time="26-06-2024 11:01:33" level=fatal msg="process terminated with error: bouncer stream halted"
Anything else we need to know?
No response
Crowdsec version
OS version
Enabled collections and parsers
Acquisition config
### Config show ### Prometheus metrics ### Related custom configs versions (if applicable) : notification plugins, custom scenarios, parsers etc.
Did you also change the /etc/crowdsec/local_api_credentials.yaml
to point towards the same port? The fatal is happening because it didnt get a response on port 9090 since most likely CrowdSec failed to start
Most likely CrowdSec is not failing because you have a http server on port 8080 so it sending them to your nodejs app
Yes, I did change the file, forgot to mention.
url: http://127.0.0.1:9090
login: 0b88819939fe4782923010c8996.....
password: hWdvnIfkD2S7qACWFEvigN9CB.....
Yes, I did change the file, forgot to mention.
url: http://127.0.0.1:9090 login: 0b88819939fe4782923010c8996..... password: hWdvnIfkD2S7qACWFEvigN9CB.....
And if you run sudo ss -lntp
you see CrowdSec currently using that port?
yes
LISTEN 0 128 127.0.0.1:9090 0.0.0.0:* users:(("crowdsec",pid=16630,fd=27))
netstat:
tcp 0 0 127.0.0.1:9090 0.0.0.0:* LISTEN 16630/crowdsec
Interesting, if you look at the CrowdSec logs is there anything interesting? /var/log/crowdsec.log
? maybe bouncer not found or something?
Only this message contained bouncer:
time="2024-06-26T10:33:39+02:00" level=error msg="while fetching bouncer info: ent: bouncer not found" ip=127.0.0.1
Only this message contained bouncer:
time="2024-06-26T10:33:39+02:00" level=error msg="while fetching bouncer info: ent: bouncer not found" ip=127.0.0.1
Its complaining that the API key in the bouncer configuration does not exist within the database. You can generate a new one via cscli bouncers add <name>
Thank you this has fixed the issue. But strange, I have to do this, when changing only the port. :) I will include this note in my documentation on setting up servers.
Have a nice day.
Thank you this has fixed the issue. But strange, I have to do this, when changing only the port. :) I will include this note in my documentation on setting up servers.
Have a nice day.
Did you change database at all? as normally upon installation it will generate the key, there is only two ways this can be affected:
I had installed an old version 1.4.x with the old instructions. https://docs.crowdsec.net/docs/v1.4.0/getting_started/install_crowdsec
Today I realized, the installation routine has changed. I then uninstalled crowdsec and the bouncer.
apt --purge remove crowdsec crowdsec-firewall-bouncer-iptables
Then followed the installation instructions for 1.6. https://docs.crowdsec.net/docs/getting_started/install_crowdsec
Then tried to change the port to 9090 and faced the issue.
What happened?
I needed to change the port of crowdsec from 8080 to 9090 since a other process needs this port. After changing the configs to 9090, the crowdsec-firewall-bouncer wont start anymore without a helpful error message.
/usr/bin/crowdsec-firewall-bouncer -c /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml time="26-06-2024 11:01:33" level=fatal msg="process terminated with error: bouncer stream halted"
What did you expect to happen?
It should start. :)
How can we reproduce it (as minimally and precisely as possible)?
new server instance of ubuntu run a nodejs server on port 8080 Install the current version of crowdsec and firewall-bouncer-iptables. change port from 8080 to 9090 /etc/crowdsec/config.yaml /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
restart crowdsec restart crowdsec-firewall-bouncer-iptables
crowdsec it self starts without errors firewall-bouncer wont
test: /usr/bin/crowdsec-firewall-bouncer -c /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml time="26-06-2024 11:01:33" level=fatal msg="process terminated with error: bouncer stream halted"
Anything else we need to know?
No response
Crowdsec version
OS version
Enabled collections and parsers
Acquisition config
Config show
Prometheus metrics
Related custom configs versions (if applicable) : notification plugins, custom scenarios, parsers etc.