Fail2ban

From I Will Fear No Evil
Revision as of 09:56, 27 August 2025 by Chubbard (talk | contribs) (Created page with "===Fail2ban Notes=== There are a whole bunch of options and commands that I forget for fail2ban. This is simply a list of things that can be done.. ==Ban IP== * sudo fail2ban-client set JAIL banip 107.175.27.212 ==Status Jail== * sudo fail2ban-client status ==UnBan IP== * sudo fail2ban-client set JAIL unbanip 192.168.0.1 ==Testing Regex== * fail2ban-regex /var/log/haproxy.log 'haproxy(?:\[\d+\])?: <HOST>:\d+ \[.*\] default_ssl_http_in~ wiki/wiki01 .* "GET /mediawi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Fail2ban Notes

There are a whole bunch of options and commands that I forget for fail2ban. This is simply a list of things that can be done..

Ban IP

  • sudo fail2ban-client set JAIL banip 107.175.27.212

Status Jail

  • sudo fail2ban-client status

UnBan IP

  • sudo fail2ban-client set JAIL unbanip 192.168.0.1

Testing Regex

  • fail2ban-regex /var/log/haproxy.log 'haproxy(?:\[\d+\])?: <HOST>:\d+ \[.*\] default_ssl_http_in~ wiki/wiki01 .* "GET /mediawiki/index\.php\?title.*.RequestAccount.*$'

Ban Loops

  • for x in `grep mediawiki haproxy.log | grep -v 192.168.0.1 | grep Special | awk '{print $6}' | sed 's/:.*//g' | sort | uniq`; do fail2ban-client set recidive banip $x ; done
Retrieved from "https://wiki.iwillfearnoevil.com/mediawiki/index.php?title=Fail2ban&oldid=673"