Fail2ban: as unban ip (using fail2ban-client)

Question

Fail2ban: as unban ip (using fail2ban-client)

I am using fail2ban v.0.8.2, but I cannot ban IP:

with fail2ban-client I see IP:

fail2ban-client status fail2ban

Status for the jail: fail2ban
|- filter
|  |- File list:    /var/log/fail2ban.log 
|  |- Currently failed: 1
|  `- Total failed: 8
`- action
   |- Currently banned: 2
   |  `- IP list:   151.10.65.197 151.10.72.169 
   `- Total banned: 2

from the man page should be enough:

fail2ban-client get fail2ban actionunban 151.10.65.197

the output of the command does not return an error, but:

iptables -L -nv |grep -b2 -a1 151

16262- pkts bytes target     prot opt in     out     source               destination         
16351:    0     0 DROP       all  --  *      *       151.10.72.169        0.0.0.0/0           
16440:    0     0 DROP       all  --  *      *       151.10.65.197        0.0.0.0/0           
16529- 181K   48M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

and conclusion

fail2ban-client status fail2ban

- this is the same, so the command does not start.

+4

linux

Pol hallen Jun 21 '14 at 17:50

source share

1 answer

David C. Rankin · Accepted Answer · 2014-06-21T17:57:20+0000

You need to use fail2ban-client get jail-name actionunban ipaddressThis will allow you to prohibit the IP address. Use iptables -L -nto find the status of the correct prison name to use ?. The command you give: fail2ban-client get fail2ban actionunban xxx.xxx.xxx.xxxis correct based on your result. Check the status again to make sure it has not been unlocked by timeout. This explains why the team is not working.

Fail2ban Manual Unban Single Host ( iptables) unban (get/set) .

Fail2ban: as unban ip (using fail2ban-client)

More articles: