Toggle search
Toggle menu
32
203
63
1.4K
East Essex Hackspace
Toggle preferences menu
Toggle personal menu
Not logged in
Your IP address will be publicly visible if you make any edits.

Botwatcher

From East Essex Hackspace
More actions
Revision as of 09:47, 8 July 2021 by Stevef (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Botwatcher

Is a canary system for doorbot and toolbots based upon simple-canary

Accessible here: https://botwatcher.eehack.space/status

Runs in a docker container running on the main server.

Configuration

https://github.com/eehackspace/eeh-simple-canary

Traffic Path

user -> https://botwatcher.eehack.space -> cloudflare proxy with forced TLS termination -> EEH_IP:80 (http) -> Mikrotik Router Nat 80:2095 whitelisting only cloudflare IPs -> docker_ip:2095 -> nginx container 2095:80 then proxied via paths /status and /checkin -> docker_ip:54035 -> simple-canary:80

Firewall Rules

/ip firewall address-list
add list=cloudflare_ipv4 address=173.245.48.0/20
add list=cloudflare_ipv4 address=103.21.244.0/22
add list=cloudflare_ipv4 address=103.22.200.0/22
add list=cloudflare_ipv4 address=103.31.4.0/22
add list=cloudflare_ipv4 address=141.101.64.0/18
add list=cloudflare_ipv4 address=108.162.192.0/18
add list=cloudflare_ipv4 address=190.93.240.0/20
add list=cloudflare_ipv4 address=188.114.96.0/20
add list=cloudflare_ipv4 address=197.234.240.0/22
add list=cloudflare_ipv4 address=198.41.128.0/17
add list=cloudflare_ipv4 address=162.158.0.0/15
add list=cloudflare_ipv4 address=172.64.0.0/13
add list=cloudflare_ipv4 address=131.0.72.0/22
add list=cloudflare_ipv4 address=104.16.0.0/13
add list=cloudflare_ipv4 address=104.24.0.0/14
Retrieved from "https://wiki.eehack.space/index.php?title=Botwatcher&oldid=265"
Last modified
This page was last edited on 8 July 2021, at 09:47.