Hello,
I would like to request inclusion of crowdsec-unifi-suite on the CrowdSec Hub.
Repository Info
What It Does
crowdsec-unifi-suite is a one-command installer that deploys the complete CrowdSec security stack on UniFi OS devices (UDM Pro, UDM SE, UDR, UCG Ultra). It orchestrates the installation and configuration of four complementary components into a cohesive defense-in-depth pipeline:
Detect → Decide → Enforce
| Stage |
Component |
Function |
| Detect |
crowdsec-unifi-parser |
Parse UniFi firewall logs for CrowdSec analysis |
| Decide |
CrowdSec Engine |
Apply scenarios, check community blocklists |
| Enforce |
crowdsec-unifi-bouncer |
Push ban decisions to UniFi firewall rules |
| Prioritize |
bouncer sidecar |
Score and filter decisions to fit device ipset capacity |
| Augment |
crowdsec-blocklist-import |
Import external threat intel (AbuseIPDB, Spamhaus, etc.) |
Category Note
This is a meta-installer/integration tool rather than a single remediation component. It ties together components that are (or will be) individually listed on the Hub. I'm happy for the CrowdSec team to categorize it as appropriate — "integration", "installer", or any other category that fits.
Documentation
Features
One-Command Install
curl -sSL https://raw.githubusercontent.com/wolffcatskyy/crowdsec-unifi-suite/main/install.sh | bash
Device Compatibility
- UDM Pro / UDM SE / UDM Pro Max (arm64) — primary targets
- UDR (arm64) — tested
- UCG Ultra / Cloud Gateway Max (arm64) — experimental
- Requires UniFi OS 3.x+ with SSH access
What It Automates
- CrowdSec engine installation (if not already present)
- UniFi parser installation and configuration for UniFi log formats
- UniFi bouncer installation and firewall rule management
- Optional: sidecar proxy for decision capping on capacity-limited devices
- Optional: blocklist-import for external threat intelligence feeds
Defense-in-Depth Approach
Complements UniFi's built-in IDS/IPS: UniFi handles real-time inline traffic inspection, CrowdSec handles proactive blocking from global community threat intelligence (200K+ shared signals).
Short Description
One-command installer for the complete CrowdSec + UniFi security stack — deploys parser, bouncer, and optional blocklist-import on UDM/UDR/UCG devices
Social Preview Image
Not yet set on the repository.
Releases
No versioned release yet — initial release planned shortly after Hub review feedback is incorporated.
Hello,
I would like to request inclusion of
crowdsec-unifi-suiteon the CrowdSec Hub.Repository Info
What It Does
crowdsec-unifi-suiteis a one-command installer that deploys the complete CrowdSec security stack on UniFi OS devices (UDM Pro, UDM SE, UDR, UCG Ultra). It orchestrates the installation and configuration of four complementary components into a cohesive defense-in-depth pipeline:Category Note
This is a meta-installer/integration tool rather than a single remediation component. It ties together components that are (or will be) individually listed on the Hub. I'm happy for the CrowdSec team to categorize it as appropriate — "integration", "installer", or any other category that fits.
Documentation
Features
One-Command Install
curl -sSL https://raw.githubusercontent.com/wolffcatskyy/crowdsec-unifi-suite/main/install.sh | bashDevice Compatibility
What It Automates
Defense-in-Depth Approach
Complements UniFi's built-in IDS/IPS: UniFi handles real-time inline traffic inspection, CrowdSec handles proactive blocking from global community threat intelligence (200K+ shared signals).
Short Description
One-command installer for the complete CrowdSec + UniFi security stack — deploys parser, bouncer, and optional blocklist-import on UDM/UDR/UCG devicesSocial Preview Image
Not yet set on the repository.
Releases
No versioned release yet — initial release planned shortly after Hub review feedback is incorporated.