IPTABLES Hash is full, cannot add more elements

[LaurenceJJones]

Just to add documentation and pin an issue to this bouncer.

Due to size of community blocklist and with added support of third party lists user may hit the default limit set by crowdsec-firewall-bouncer-iptables.

To resolve this issue the user must configure a bigger hash set. Open bouncer configuration located normally under /etc/crowdsec/bouncers/. Add the following config:

ipset_size: 131072
## this default 65536 * 2

This does not exists in the yaml by default so you MUST add it.

[LaurenceJJones]

@buixor Did you want to still explore increasing the default value?

[CERT-ARKEA]

the same opinion, increase the default value (with new blocklists, it is mandatory)

[LaurenceJJones]

Reopening issue, to make sure we track any changes we make to cs-firewall

[mmetc]

#324