fail2ban-client is a command-line tool for configuring and controlling a fail2ban server. fail2ban is an intrusion prevention software that monitors log files for suspicious activity and bans IP addresses that show malicious behavior. This tool allows you to interact with the fail2ban server, to configure the server, check its status, and manage the banned IP addresses.
fail2ban-client Command Examples
1. Retrieve current status of the jail service:
# fail2ban-client status jail
2. Remove the specified IP from the jail service’s ban list:
# fail2ban-client set jail unbanip ip
3. Verify fail2ban server is alive:
# fail2ban-client ping
4. To check the status of all active jails, you can use the command:
# fail2ban-client status
5. To ban an IP address from a specific jail, you can use the command:
# fail2ban-client set jailname banip IP_ADDRESS
6. To unban an IP address from a specific jail, you can use the command:
# fail2ban-client set jailname unbanip IP_ADDRESS
7. To set the ban time for a jail, you can use the command:
# fail2ban-client set jailname bantime BAN_TIME
8. To set the find time for a jail, you can use the command:
# fail2ban-client set jailname findtime FIND_TIME
9. To reload the configuration of all jails, you can use the command:
# fail2ban-client reload
It’s important to note that jailname in the examples above should be replaced with the actual name of the jail that you want to manage. Also, the IP_ADDRESS and time values should be replaced with the actual values.