Combine OpenZiti and CrowdSec

Hello everyone,

has anyone successfully managed to connect OpenZiti and CrowdSec?

An Openziti log parser could, for example, detect incorrect login attempts to the ZAC, the routers, ... and report them to the LAPI.

I see a huge advantage in the fact that CrowdSec can then also block private Ziti tunneler addresses if they have been compromised or if someone makes unusual calls.

This would provide an additional layer of security.

Thinking one step further, it would also be possible to create an Openziti bouncer that analyzes the blocked IPs and, if it is one of the tunneler addresses, deactivates it completely for the duration => the “attacker” is completely locked out of the Ziti network.

I am looking forward to your experiences and opinions :slight_smile: