fail2ban command
常用指令表
Cmd | Description |
service fail2ban restart systemctl restart fail2ban |
restart fail2ban service (after edit configuration) |
fail2ban-client reload | restart fail2ban client |
fail2ban-client status | get list activated jail |
fail2ban-client status <JAIL> example: fail2ban-client status wplogin example: fail2ban-client status sshd |
get <JAIL> status (the number of unsuccessful attempts and the list of banned IPs) |
fail2ban-regex /var/lib/docker/containers/<CONTAINERID>/<CONTAINERID>-json.log /etc/fail2ban/filter.d/wplogin.conf | test regex wplogin |
fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf | test regex sshd |
fail2ban-regex "line" "failregex" | test regex |
fail2ban-client set <JAIL-NAME> unbanip <IP-ADDRESS> | manually unban IP |
fail2ban-client set <JAIL-NAME> banip <IP-ADDRESS> | manually Ban IP |
tail -f /var/log/fail2ban.log | view fail2ban logs |
iptables -L –line-numbers | list IP blocked with line numbers |
iptables -D <Jail-Name> -s <IP-ADDRESS> -j DROP Example: Jail-Name =f2b-wplogin Jail-Name =f2b-sshd |
Unban IP |
fail2ban-server -b | start fail2ban server |
docker inspect –format='{{.LogPath}}' $INSTANCE_ID | return instance log file path |
fail2ban-client get <JAIL-NAME> ignoreip |
Test ignoreip for JAIL |
Check the version
fail2ban-client version
Check the all IPs banned
fail2ban-client banned