KNOWLEDGE BASE

https://bornoe.org/blog/2023/09/basic-fail2ban-commands/

Restart Fail2ban

sudo systemctl restart fail2ban

No output if successful. Fail2ban is restarted.

Reload Fail2ban configuration without restarting

sudo fail2ban-client reload

The Fail2ban configuration is reloaded.

List all banned IP addresses in all jails

sudo fail2ban-client banned

Lists all IP addresses banned for each existing jail.

Example output

[{'sshd': ['192.0.2.1', '198.51.100.1']}]

Check the status of a specific jail (e.g., sshd)

sudo fail2ban-client status <JAIL>

Shows the status of a specific Fail2ban jail, such as SSH:

sudo fail2ban-client status sshd

Example output for the jail sshd

Status for the jail: sshd |- Filter |  |- Currently failed:    1 |  |- Total failed:    23829 |  `- File list:    /var/log/auth.log `- Actions   |- Currently banned:    2   |- Total banned:    2569   `- Banned IP list:    192.0.2.1 198.51.100.1

Manually ban an IP address

sudo fail2ban-client set <JAIL> banip <IP>

The specified IP is banned and included in the specified jail. E.g., if you want to ban an IP from connect through SSH:

sudo fail2ban-client set sshd banip 192.0.2.1

Manually unban an IP address

sudo fail2ban-client set <JAIL> unbanip <IP>

The specified IP in the specified jail is unbanned. E.g., if you want to unban an IP and allow it to connect through SSH:

sudo fail2ban-client set sshd unbanip 192.0.2.1

Display the current Fail2ban version

sudo fail2ban-client version

Displays the installed Fail2ban version.

Example output

0.11.2