Error: Unable to parse duration ''

[hcsaustrup]

Anxiously trying to get crowdsec-firewall-bouncer working on Debian, but seeing this:

Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387397]: time="2023-07-05T18:38:58Z" level=warning msg="missing 'pid_dir' directive, using default: '/var/run/'"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387397]: time="2023-07-05T18:38:58Z" level=info msg="backend type : ipset"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387397]: time="2023-07-05T18:38:58Z" level=info msg="config is valid"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=info msg="crowdsec-firewall-bouncer v0.0.27-debian-pragmatic-8d09f19d69e92a63e63888794af3a57c6ade3489"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=warning msg="missing 'pid_dir' directive, using default: '/var/run/'"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=info msg="backend type : ipset"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=info msg="iptables for ipv4 initiated"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=info msg="ipset clean-up : /usr/sbin/ipset -exist flush crowdsec4"
Jul 05 18:38:58 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:58Z" level=info msg="Checking existing set"
Jul 05 18:38:59 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:59Z" level=info msg="iptables for ipv6 initiated"
Jul 05 18:38:59 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:59Z" level=info msg="ipset clean-up : /usr/sbin/ipset -exist flush crowdsec6"
Jul 05 18:38:59 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:38:59Z" level=info msg="Checking existing set"
Jul 05 18:39:00 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:39:00Z" level=info msg="Using API key auth"
Jul 05 18:39:00 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:39:00Z" level=info msg="Shutting down backend"
Jul 05 18:39:00 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:39:00Z" level=info msg="ipset clean-up : /usr/sbin/ipset -exist flush crowdsec4"
Jul 05 18:39:00 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:39:00Z" level=info msg="ipset clean-up : /usr/sbin/ipset -exist flush crowdsec6"
Jul 05 18:39:00 node1 crowdsec-firewall-bouncer[3387403]: time="2023-07-05T18:39:00Z" level=fatal msg="unable to parse duration '': time: invalid duration \"\""
Jul 05 18:39:00 node1 systemd[1]: crowdsec-firewall-bouncer.service: Main process exited, code=exited, status=1/FAILURE

lapi version:

crowdsec-lapi-768cd55b8d-2x792:/# cscli version
2023/07/05 20:47:59 version: v1.5.2-4fbc3402fba932c8bd34b671527dcf7909d264c0
2023/07/05 20:47:59 Codename: alphaga
2023/07/05 20:47:59 BuildDate: 2023-05-26_16:18:45
2023/07/05 20:47:59 GoVersion: 1.20.4
2023/07/05 20:47:59 Platform: docker
2023/07/05 20:47:59 Constraint_parser: >= 1.0, <= 2.0
2023/07/05 20:47:59 Constraint_scenario: >= 1.0, < 3.0
2023/07/05 20:47:59 Constraint_api: v1
2023/07/05 20:47:59 Constraint_acquis: >= 1.0, < 2.0

Any tips? :-)

[hcsaustrup]

Ah, turns out it was missing update_frequency in the configuration. Maybe provide a default value for this.

[LaurenceJJones]

Ah, turns out it was missing update_frequency in the configuration. Maybe provide a default value for this.

Guessing you mean if it doesn't exist in yaml, then set a default in code?

https://github.com/crowdsecurity/cs-firewall-bouncer/blob/main/config/crowdsec-firewall-bouncer.yaml#L2

[hcsaustrup]

Exactly :-)

[LaurenceJJones]

Closing as not planned user must define a duration within the configuration if not we just fail to load to not do thing users are not expecting

[mmetc]

I'm sorry @LaurenceJJones but it's too late, it was committed two months ago for all go bouncers. Should I revert?

INFO[0000] Starting crowdsec-firewall-bouncer v0.0.28-rc3-2-gd507615-d507615d3329ae705f78b8072c7a8c5a3e0ea28e INFO[0000] backend type : dry-run
INFO[0000] backend.Init() called
WARN[0000] lapi update interval is not defined, using default value of 10s

[LaurenceJJones]

WARN[0000] lapi update interval is not defined, using default value of 10s

No its fine.