How to install and run the World Crime Feed-Defend-Detect (F3D) Agent - by OneFirewall (one-f3d-agent)
Direction | Protocol / Port | Purpose |
---|---|---|
Inbound | UDP 514 | Receive syslog events from your SIEM |
Inbound | TCP 443 (HTTPS) | Serve threat feeds to firewalls |
Inbound | TCP 8080 (HTTP) | Serve threat feeds to firewalls without SSL |
Outbound | TCP 443 → OneFirewall | Sync config & retrieve instructions |
Outbound | TCP 443 → Firewalls | Push automated-blocking commands (optional) |
docker compose up -d
runs containers in the background.docker compose logs -f
streams the agent’s output for troubleshooting.https://app.onefirewall.com/agent-status.html
to see the Agent is working and blocking malicious connectionshttps://app.onefirewall.com/live.html
to see the traffic captured in real time