cscli postoverflows install crowdsecurity/cdn-whitelistCDNs whitelist based on following lists:
It will whitelist overflows triggered on an IP in those lists
1name: crowdsecurity/cdn-whitelist2description: "Whitelist CDN providers"3whitelist:4 reason: "CDN provider"5 expression:6 - "any(File('cloudflare_ips.txt'), { IpInRange(evt.Overflow.Alert.Source.IP ,#)})"7 - "any(File('cloudflare_ip6s.txt'), { IpInRange(evt.Overflow.Alert.Source.IP ,#)})"8data:9 - source_url: https://www.cloudflare.com/ips-v410 dest_file: cloudflare_ips.txt11 type: string12 - source_url: https://www.cloudflare.com/ips-v613 dest_file: cloudflare_ip6s.txt14 type: string15