Running a node behind the CrowdSec firewall

I’m using the CrowdSec firewall (https://www.crowdsec.net/) to protect all my IT.
The interest of CrowdSec is that banned IP addresses are provided by the community, while each deployment of CrowdSec collaborates to maintain this shared ban-list.

And it seems to me that some IP addresses used by the satellites have been automatically banned for some unexplained reason. I guess that this explains the partial suspension of my node.

So I would like to know the exhaustive list of satellite IPs used to reach my node, so that I can add them to the CrowdSec exclusion list.

nslookup us1.storj.io
nslookup eu1.storj.io
...

and so on for each satellite in the list.

But knowing the satellite IPs is not enough - data is transferred between the customers across the globe and your node directly, not through the satellite, so you need to whitelist every single IP in the world.

The node should not be limited like this to work normally, so you need to allow connections to your node from any IP and any port to the IP and port of your node (28967 TCP+UDP), and the node should be able to connect to any IP and any port outside your network. So basically you should not block any outgoing connections from your node and any incoming connections to the node’s port.

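Added example, not part of the original posts: a way to check which peer addresses (satellites resolved with nslookup, or remote addresses from the node's log) are currently covered by a CrowdSec decision, including bans on whole ranges. The JSON shape (a list of alerts, each with a `decisions` list holding `scope`, `type`, `value`, `origin`) is an assumption about what `cscli decisions list -o json` emits, and all addresses are constructed documentation-range values.

```python
import ipaddress
import json

# Constructed sample in the shape assumed for `cscli decisions list -o json`:
# a list of alerts, each carrying a "decisions" list (possibly null).
SAMPLE_DECISIONS = json.loads("""[
 {"decisions": [{"origin": "CAPI", "scope": "Ip", "type": "ban", "value": "198.51.100.7"}]},
 {"decisions": [{"origin": "crowdsec", "scope": "Range", "type": "ban", "value": "203.0.113.0/24"}]},
 {"decisions": null}
]""")

# Constructed stand-ins for addresses taken from nslookup output or from
# the node's log of remote peers.
SAMPLE_PEERS = ["198.51.100.7", "203.0.113.45", "192.0.2.10", "not-an-ip"]


def load_networks(alerts):
    """Turn every Ip/Range decision into (network, decision) pairs."""
    nets = []
    for alert in alerts or []:
        for dec in alert.get("decisions") or []:
            if str(dec.get("scope", "")).lower() not in ("ip", "range"):
                continue  # country/AS scopes cannot be matched by address alone
            try:
                nets.append((ipaddress.ip_network(dec["value"], strict=False), dec))
            except (KeyError, ValueError):
                continue  # skip malformed entries rather than abort the check
    return nets


def blocked_peers(peers, alerts):
    """Map each peer address to the decisions that currently cover it."""
    nets = load_networks(alerts)
    hits = {}
    for peer in peers:
        try:
            addr = ipaddress.ip_address(peer)
        except ValueError:
            continue  # hostname or garbage: resolve it first
        # Membership is False when address and network versions differ.
        matched = [dec for net, dec in nets if addr in net]
        if matched:
            hits[peer] = matched
    return hits


if __name__ == "__main__":
    for peer, decs in blocked_peers(SAMPLE_PEERS, SAMPLE_DECISIONS).items():
        print(peer, "covered by", [d["value"] for d in decs])
```

A peer that shows up here only through a range decision would not be found by searching the decision list for its exact address, which is why the check compares networks rather than strings.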