Skip to main content

fail2ban command

常用指令表
CmdDescription

service fail2ban restart

systemctl restart fail2ban

restart fail2ban service (after edit configuration)
fail2ban-client reloadrestart fail2ban client
fail2ban-client statusget list activated jail
fail2ban-client status <JAIL>
example: fail2ban-client status wplogin
example: fail2ban-client status sshd
get <JAIL> status (the number of unsuccessful attempts and the list of banned IPs)
fail2ban-regex /var/lib/docker/containers/<CONTAINERID>/<CONTAINERID>-json.log /etc/fail2ban/filter.d/wplogin.conftest regex wplogin
fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conftest regex sshd
fail2ban-regex "line" "failregex"test regex
fail2ban-client set <JAIL-NAME> unbanip <IP-ADDRESS>manually unban IP
fail2ban-client  set <JAIL-NAME> banip <IP-ADDRESS>manually Ban IP
tail -f /var/log/fail2ban.logview fail2ban logs
iptables -L –line-numberslist IP blocked with line numbers
iptables -D <Jail-Name> -s <IP-ADDRESS> -j DROP
Example: Jail-Name =f2b-wplogin
Jail-Name =f2b-sshd
Unban IP
fail2ban-server -bstart fail2ban server
docker inspect –format='{{.LogPath}}' $INSTANCE_IDreturn instance log file path