I'm using Fail2Ban on a server and I'm wondering how to unban an IP properly.
I know I can work with IPTables directly: iptables -D fail2ban-ssh <number>
But is there not a way to do it with the fail2ban-client
?
In the manuals it states something like: fail2ban-client get ssh actionunban <IP>
. But that doesn't work.
Also, I don't want to /etc/init.d/fail2ban restart
as that would lose all the bans in the list.
Best Answer
With Fail2Ban before v0.8.8:
With Fail2Ban v0.8.8 and later:
The hard part is finding the right jail:
iptables -L -n
to find the rule name...fail2ban-client status | grep "Jail list" | sed -E 's/^[^:]+:[ \t]+//' | sed 's/,//g'
to get the actual jail names. The rule name and jail name may not be the same but it should be clear which one is related to which.