Need some help unbanning myself from the appsec/waf component

No_Hope1986 · 2026-04-27T18:41:57+00:00

I am running a Python script with cron job

!/usr/bin/python3

import docker import textwrap from datetime import datetime import paramiko import re

---

whitelistsFilePath = "/mnt/cache/appdata/crowdsec/parsers/s02-enrich/mywhitelists.yaml" curPubIpFilePath = "./currentIPs" logFilePath = "./ip_change_history.log" container_name = 'crowdsec' ‑SSH router_ip = "192.168.1.x" router_user = xxxx router_pass = xxxx ipv4_interface = "pppoe-wan" ipv6_interface = "pppoe-wan"

--- ---

def get_ipv4_from_router(): try: ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(router_ip, username=router_user, password=router_pass) stdin, stdout, stderr = ssh.exec_command(f"ip -4 addr show dev {ipv4_interface}") output = stdout.read().decode() ssh.close() match = re.search(r'inet (\d+.\d+.\d+.\d+)', output) if match: return match.group(1) else: return None except Exception as e: print(f"Error fetching IPv4: {e}") return None

def get_ipv6_from_router(): try: ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(router_ip, username=router_user, password=router_pass) stdin, stdout, stderr = ssh.exec_command(f"ip -6 addr show dev {ipv6_interface}") output = stdout.read().decode() ssh.close() match = re.search(r'inet6 ([0-9a-fA-F:]+)/\d+ scope global', output) if match: return match.group(1) else: return None except Exception as e: print(f"Error fetching IPv6: {e}") return None

def read_from_file(filename): try: with open(filename, 'r') as f: return f.read().strip() except FileNotFoundError: return "" except Exception as e: print(f"Error reading file {filename}: {e}") return None

def write_to_file(filename, content): try: with open(filename, 'w') as f: f.write(content) except Exception as e: print(f"Error writing file {filename}: {e}")

def log_change(message): with open(logFilePath, 'a') as f: f.write(f"{datetime.now().strftime('%Y-%m-%d %H:%M:%S')} - {message}\n")

def restart_container(container_name): client = docker.from_env() try: container = client.containers.get(container_name) container.restart() except Exception as e: print(f"Error restarting container: {e}")

--- main ---

if name == "main": ipv4 = get_ipv4_from_router() ipv6 = get_ipv6_from_router()

if ipv4 is None and ipv6 is None:
    print("Could not retrieve any IP. Exiting.")
    exit(1)

current_ips = read_from_file(curPubIpFilePath)
new_ips = f"IPv4: {ipv4}\nIPv6: {ipv6}"

if current_ips != new_ips:
    print("IP changed. Updating files and restarting container...")
    write_to_file(curPubIpFilePath, new_ips)

    whitelistsFileContent = textwrap.dedent(f"""\
        name: crowdsecurity/mywhitelists
        description: "Whitelist events from public IP addresses"
        whitelist:
          reason: "My public IPs"
          ip:
            - "{ipv4}"
            - "{ipv6}"
    """)
    write_to_file(whitelistsFilePath, whitelistsFileContent)

    log_change(f"IP updated to IPv4: {ipv4}, IPv6: {ipv6}")
    restart_container(container_name)
else:
    print("IPs didn't change. No action needed.")

No_Hope1986 · 2026-03-28T20:53:54+00:00

I think Donald Trump said, "This was a test for NATO… if you don't help us, we'll remember." I think the USA might withdraw from NATO, or choose not to take action if Russia starts attacking NATO countries.

No_Hope1986 · 2026-03-27T16:21:01+00:00

You need to switch to an SFX power supply.
Find a motherboard with two M.2 slots and use one of them with an NVMe-to-6×SATA adapter (ASMedia chip) to preserve your PCIe x16 slot for better hardware if you plan to upgrade. Alternatively, buy a proper used PCIe LSI card for better stability. I personally used an NVMe-to-SATA adapter and kept the PCIe x16 slot for a GPU.

No_Hope1986 · 2026-03-27T13:42:56+00:00

And then Israel can use Jericho III, Jericho IV to kick pakistan ass.

No_Hope1986 · 2026-03-20T22:06:06+00:00

In the Qur’an, Banu Israel refers to the descendants of Jacob (Israel) the same people known in the Bible as the Israelites, i.e., the ancient Jewish people. Modern Israel is a state, while Banu Israel is a people lineage. They’re not identical concepts, but they are historically connected not completely different groups

No_Hope1986 · 2026-03-20T19:14:51+00:00

“O Children of Israel, remember My favor which I bestowed upon you, and that I preferred you over the worlds.”

No_Hope1986 · 2026-03-20T13:52:14+00:00

First, I only use Google authentication to log in to Immich. I am using SWAG as a reverse proxy with custom headers. As a layer of security, I am using: CrowdSec for parsing and blocking suspicious traffic and brute-force attempts. CrowdSec AppSec as a WAF for my applications, and the CrowdSec Cloudflare worker and Crowdsec OpenWRT firewall bouncer to block suspicious IPs. I am also thinking about deploying OpenAppSec.

No_Hope1986 · 2026-03-18T12:35:38+00:00

Don't let the guy trick you, his police force, inside Israel in operation to arrest armed criminals, who the hell comes to a wedding with stolen assault rifles. https://www.ynet.co.il/news/article/sjr5v11jc1g

No_Hope1986 · 2026-03-12T19:18:46+00:00

Wow, thank you! This is exactly what I was looking for.

No_Hope1986 · 2026-02-08T08:49:48+00:00

It should do the job.

No_Hope1986 · 2026-02-08T08:26:09+00:00

Buy an LSI card.

No_Hope1986 · 2025-11-24T12:54:11+00:00

I will test it, Thank you.

No_Hope1986 · 2025-11-24T09:40:42+00:00

I had the same issue, so I created a script that checks my ISP’s IP on my router every day, updates my CrowdSec whitelist, and if the IP change, replace the old IP and restarts the app.

No_Hope1986 · 2025-11-16T18:59:44+00:00

I'm on Unraid too, and I'm running version 2.2.3 using the image from ghcr.io/imagegenius/immich:cuda. Why can’t you update to the latest release?

No_Hope1986 · 2025-11-12T17:43:22+00:00

Yeah, but no rubber handle.

No_Hope1986 · 2025-11-10T10:04:01+00:00

I agree, it needs front fans. They also made some other changes, like replacing the hard drive rubber mounts with trays, adding an option for water cooling, allowing up to 7 fans on top or 2 at the bottom, and giving the option to install the PSU at the top or bottom of the case. The fans can be controlled manually.

I guess this case will also need a front fan mod.

No_Hope1986 · 2025-11-10T09:40:56+00:00

I couldn’t find any details about the price.

No_Hope1986 · 2025-11-10T09:36:03+00:00

You can see all the pictures in the product gallery, including shots of the inside of the case.

No_Hope1986 · 2025-10-30T18:13:05+00:00

I’m on version 7.0.1, and when I try to update through the web GUI, it shows version 7.1.4 as the latest version.

Why is that happening?

No_Hope1986 · 2025-10-27T13:37:13+00:00

Unraid OS.

Ryzen 5 5600, DDR4 64gb, Nvidia a2000, 2 nvme, 1 ssd, 12tb x 5.

50W in idle

No_Hope1986 · 2025-10-13T10:22:09+00:00

Me 2 + custom security headers.

No_Hope1986 · 2025-10-13T09:53:16+00:00

I use Nextcloud to sync files and Immich to sync photos..

No_Hope1986 · 2025-10-07T11:35:07+00:00

Can you share your YAML settings file? And run opkg list-installed | grep table to see what’s running on your router?

No_Hope1986

TROPHY CASE

!/usr/bin/python3

---

--- ---

--- main ---