Botwatcher: Difference between revisions

From East Essex Hackspace

Latest revision as of 09:47, 8 July 2021

Botwatcher

Botwatcher is a canary system for the doorbot and toolbots, based upon simple-canary.

Accessible here: https://botwatcher.eehack.space/status

It runs in a Docker container on the main server.

Configuration

https://github.com/eehackspace/eeh-simple-canary

Traffic Path

user
-> https://botwatcher.eehack.space
-> Cloudflare proxy with forced TLS termination
-> EEH_IP:80 (http)
-> MikroTik router NAT 80:2095, whitelisting only Cloudflare IPs
-> docker_ip:2095
-> nginx container 2095:80, then proxied via paths /status and /checkin
-> docker_ip:54035
-> simple-canary:80

Firewall Rules

/ip firewall address-list
add list=cloudflare_ipv4 address=173.245.48.0/20
add list=cloudflare_ipv4 address=103.21.244.0/22
add list=cloudflare_ipv4 address=103.22.200.0/22
add list=cloudflare_ipv4 address=103.31.4.0/22
add list=cloudflare_ipv4 address=141.101.64.0/18
add list=cloudflare_ipv4 address=108.162.192.0/18
add list=cloudflare_ipv4 address=190.93.240.0/20
add list=cloudflare_ipv4 address=188.114.96.0/20
add list=cloudflare_ipv4 address=197.234.240.0/22
add list=cloudflare_ipv4 address=198.41.128.0/17
add list=cloudflare_ipv4 address=162.158.0.0/15
add list=cloudflare_ipv4 address=172.64.0.0/13
add list=cloudflare_ipv4 address=131.0.72.0/22
add list=cloudflare_ipv4 address=104.16.0.0/13
add list=cloudflare_ipv4 address=104.24.0.0/14
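
Because the NAT rule trusts whatever is in the cloudflare_ipv4 list, the list needs to be checked against Cloudflare's published ranges from time to time. The script below is an added example, not part of the original page or the eeh-simple-canary repository: it parses a router export in the format above, compares it with a range list and prints the RouterOS commands that remove the drift. Both inputs are constructed samples, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: a router export in the page's format (subset of its rules).
ROUTER_EXPORT = """\
/ip firewall address-list
add list=cloudflare_ipv4 address=173.245.48.0/20
add list=cloudflare_ipv4 address=103.21.244.0/22
add list=cloudflare_ipv4 address=104.16.0.0/13
add list=cloudflare_ipv4 address=104.24.0.0/14
add list=other address=10.0.0.0/8
"""

# Constructed sample of a freshly fetched range list; 192.0.2.0/24 is a
# documentation range standing in for a newly published prefix.
PUBLISHED = """\
173.245.48.0/20
103.21.244.0/22
104.16.0.0/13
192.0.2.0/24
"""

def parse_export(text, list_name="cloudflare_ipv4"):
    """Return the set of networks that the export adds to list_name."""
    nets = set()
    for line in text.splitlines():
        words = line.split()
        if not words or words[0] != "add":
            continue
        kv = dict(w.split("=", 1) for w in words[1:] if "=" in w)
        if kv.get("list") == list_name and "address" in kv:
            # strict=True raises on entries with host bits set (e.g. 104.16.0.1/13)
            nets.add(ipaddress.ip_network(kv["address"], strict=True))
    return nets

def parse_published(text):
    """Parse one CIDR per line, ignoring blank lines."""
    return {ipaddress.ip_network(l.strip()) for l in text.splitlines() if l.strip()}

def drift_commands(router, published, list_name="cloudflare_ipv4"):
    """RouterOS commands that bring the router list in line with published."""
    prefix = "/ip firewall address-list"
    cmds = [f"{prefix} add list={list_name} address={n}"
            for n in sorted(published - router)]
    cmds += [f"{prefix} remove [find list={list_name} address={n}]"
             for n in sorted(router - published)]
    return cmds

def is_allowed(src_ip, nets):
    """True if src_ip falls inside any allow-listed network."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip in n for n in nets)

if __name__ == "__main__":
    for cmd in drift_commands(parse_export(ROUTER_EXPORT), parse_published(PUBLISHED)):
        print(cmd)
```

A stale entry matters more than a missing one: a range that is no longer Cloudflare's but is still in the list can reach EEH_IP:80 directly, bypassing the proxy.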