Pretty sure expiry is handled by the local crowdsec daemon, so it should automatically revoke rules once a set time is reached.
At least that's the case with the iptables and nginx bouncers (4 hour ban for probing). I would assume that it's the same for the cloudflare one.
Alternatively, maybe look into running two bouncers (1 local, 1 CF)? The CF one filters out most bot traffic, and if some still get through then you block them locally?
A tumbleweed rolls in the distance...
*stares at the intern's 400 line bash script*
There are totally more flexible options. Just don't mind the front falling off. It's totally normal!
Look at the line with the asm_exc_invalid_op. That seems like a hardware fault caused by an invalid asm instruction to me. Either something wrong is being interpreted as an opcode (unlikely) or maybe the driver was compiled with extensions not available on the current machine.
OP, how old is your CPU? And how old is the nic you are using?
Edit: ~~did you use a custom driver for the NIC? I'm looking at the Linux src and rt_mutex_schedule does not exist.~~ Nevermind. Was checking 4.18 instead of 6.7. found it now. The bug is most likely inside a macro called preempt_disable(). Unfortunately most of the functions are pretty heavily inlined and architecture dependent so you won't get much out of it. But it is likely any changes you made in terms of premption might also be causing the bug.
And I'll be sure to let them know that I use windower add-ons and DAT mods when playing FF11. Maybe they'll ban my PS2/PlayOnline from any future updates?
There's the clearurl addon that removes known trackers. But you gotta copy it from the URL bar first.
I'm saying that network traffic is exploding exponentially. Sure, right now 20GbE is enough. but in two years? Four? It's not the throughput per device that is increasing, it's the number of networked devices. For a family (or several college students) that's into stuff like this its possible that they've already reached the peak capacity of 10GbE. I do agree that it's way too expensive though.
That being said, I'm personally very happy running all of my stuff off of 1GbE. But then again, I don't like IoT devices (despite working in an adjacently related field), nor do I torrent.
I don't think either of us is the target audience here. I can see a "cheaper" (questionable) Pro laptop being useful for students going into college with a limited budget. An undergrad CS/graphic design degree shouldn't tax an 8gb machine too much, assuming students shut down everything else when doing their once-a-semester major rendering/compiling/model training. If people just want Macbook pro software with more ports, a "cheaper" machine is better than none. Personally, I would still get a used/refurbished machine though.
That being said, my current laptop workload tends to be emacs, qpdfview, Firefox, and tmux on EL9. For the remaining stuff, I usually just spin up a VM then ssh/xrdp into it. As for slack, teams, jabber, etc, I'm happy to report I've been out of industry/IT for 1+ years and don't plan on going back anytime soon. For all I care, Apple can call their models unicorn edition. As long as it sells it's not stupid.
*Darth Sion enters the chat*
One way to do this would be set up crowdsec bouncers on each server but only run a single instance of the crowdsec daemon. Send all logs to the daemon and let it communicate with all the bouncers.
You can also replace ChatGPT with Devin and achieve the same results*
*Your mileage may vary depending on the quality of your Devin
iirc the bad UA filter is bundled with either base-http-scenarios or nginx. That might help assuming they aren't trying to mask that UA.