Botwatcher: Difference between revisions
Jump to navigation
Jump to search
(Botwatcher - doorbot and toolbot canary) |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 4: | Line 4: | ||
Accessible here: https://botwatcher.eehack.space/status | Accessible here: https://botwatcher.eehack.space/status | ||
Runs in a docker container running on the main server. | |||
== Configuration == | == Configuration == | ||
https://github.com/eehackspace/eeh-simple-canary | https://github.com/eehackspace/eeh-simple-canary | ||
== Traffic Path == | |||
user -> https://botwatcher.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via paths /status and /checkin -> docker_ip:54035 -> simple-canary:80 | |||
=== Firewall Rules === | === Firewall Rules === | ||
Latest revision as of 09:47, 8 July 2021
Botwatcher
Is a canary system for doorbot and toolbots based upon simple-canary
Accessible here: https://botwatcher.eehack.space/status
Runs in a docker container running on the main server.
Configuration
https://github.com/eehackspace/eeh-simple-canary
Traffic Path
user -> https://botwatcher.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via paths /status and /checkin -> docker_ip:54035 -> simple-canary:80
Firewall Rules
/ip firewall address-list add list=cloudflare_ipv4 address=173.245.48.0/20 add list=cloudflare_ipv4 address=103.21.244.0/22 add list=cloudflare_ipv4 address=103.22.200.0/22 add list=cloudflare_ipv4 address=103.31.4.0/22 add list=cloudflare_ipv4 address=141.101.64.0/18 add list=cloudflare_ipv4 address=108.162.192.0/18 add list=cloudflare_ipv4 address=190.93.240.0/20 add list=cloudflare_ipv4 address=188.114.96.0/20 add list=cloudflare_ipv4 address=197.234.240.0/22 add list=cloudflare_ipv4 address=198.41.128.0/17 add list=cloudflare_ipv4 address=162.158.0.0/15 add list=cloudflare_ipv4 address=172.64.0.0/13 add list=cloudflare_ipv4 address=131.0.72.0/22 add list=cloudflare_ipv4 address=104.16.0.0/13 add list=cloudflare_ipv4 address=104.24.0.0/14