Posts

Showing posts from May, 2026

Architecting a Collaborative Defense: Integrating CrowdSec with Mikrotik

In this post, we’ll move beyond static firewall rules and integrate CrowdSec with Mikrotik RouterOS v7. We are shifting from a traditional "set-and-forget" firewall to an Intelligence-Driven Defense that reacts to global threats in real-time.

The Goal

To offload the heavy lifting of log analysis to a dedicated Debian 12 LXC and use the Mikrotik API to dynamically block malicious IPs at the edge. This setup ensures your router stays fast while benefiting from a global community of threat intelligence.

Figure 1: Logical Topology of the CrowdSec Engine and Mikrotik Edge Enforcement.

Why CrowdSec?

Behavioral Analysis: It doesn't just look at IPs; it looks at patterns (e.g., SSH brute force).
Community Powered: If an IP is banned in Europe or the US, it’s automatically added to your Mikrotik’s blacklist.
Resource Efficient: The LXC does the "thinking," the Mikrotik does the "dropping."

Note: This setup is p...

DNS Redundancy using Keepalived and VRRP

Case Study: Non-Invasive High Availability DNS with AdGuard Home & Keepalived

Ensuring 99.9% Uptime without modifying Core Router configurations.

1. Executive Summary

In any home lab or small office, DNS is a critical service. A single point of failure here means a total network-wide "internet outage." This case study explores a Non-Invasive High Availability (HA) setup using AdGuard Home and Keepalived on Proxmox LXC. The goal: Zero downtime during maintenance while keeping the core router configuration simple and untouched.

2. Key Technical Concepts

Keepalived: Routing software that monitors services and manages failover automatically.
VRRP (Virtual Router Redundancy Protocol): The protocol used by servers to "talk" and share a single Virtual IP (VIP).
Keep Alive: A mechanism to check if a connection or a neighbor node is still active.
Non-Invasive Design: Failover logic ...