On 6/25/2018 9:35 AM, Lucas Cotta wrote:

> the reason I'm trying to solve this in a hacky way is because when I try
> your solution, if I restart the server or fail2ban service, all those
> IPs get banned again.

That is strange. But I'm not an f2b developer, nor have I seen in detail how it works, especially the unban part.

> How can I definitively unban them?

Are you sure it's fail2ban keeping them? Does the f2b log show it's re-adding them at startup?

If not... I would first check (in my case) iptables: check the addresses are not there after using "fail2ban-client set <JAIL> unbanip <IP>", re-check after stopping f2b. If that works as expected, then maybe something else installed is making the additions. Just an idea, but there were old additions to f2b to keep the data persistent.

Also, with f2b stopped, have a look at the database. I haven't inspected it but using the following commands you can see what's in there:

    sqlite3 /var/lib/fail2ban/fail2ban.sqlite3
    .dump
    .exit

The output after .dump will show first the table definition, hopefully with descriptive column titles. Then it shows the data in a way used to record it (INSERT INTO <table> VALUES( <list of values in table order> )).

I don't know what f2b does with unbanned addresses, probably marks them along with time stamps to know when, and for how long. So the unbanned addresses should be there, but unlike banned addresses, with something different.

If everything checks, or looks sane, then open a ticket on the git repository, it's probably a bug.

-- 
René Berber
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
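
An added example, not part of the original message and not fail2ban code: a schema-agnostic search of a SQLite file for one IP address, as a narrower alternative to reading the full .dump output suggested in the reply. The sample tables and addresses are constructed for illustration and are not fail2ban's actual schema.

```python
import sqlite3

def find_ip(conn, ip):
    """Return {table: [row dicts]} for every row where any column equals ip."""
    conn.row_factory = sqlite3.Row
    hits = {}
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master "
        "WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        # Identifiers cannot be bound as parameters, so quote them explicitly.
        quoted = '"' + table.replace('"', '""') + '"'
        cols = [r[1] for r in conn.execute(f"PRAGMA table_info({quoted})")]
        if not cols:
            continue
        where = " OR ".join('"' + c.replace('"', '""') + '" = ?' for c in cols)
        rows = conn.execute(
            f"SELECT * FROM {quoted} WHERE {where}", [ip] * len(cols)).fetchall()
        if rows:
            hits[table] = [dict(r) for r in rows]
    return hits

def build_sample():
    """Constructed stand-in database; names are illustrative, not fail2ban's."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE sample_bans(jail TEXT, ip TEXT, timeofban INTEGER);
        CREATE TABLE sample_jails(name TEXT, enabled INTEGER);
        INSERT INTO sample_jails VALUES('sshd', 1);
        INSERT INTO sample_bans VALUES('sshd', '192.0.2.10', 1529900000);
        INSERT INTO sample_bans VALUES('sshd', '198.51.100.7', 1529900100);
        INSERT INTO sample_bans VALUES('recidive', '192.0.2.10', 1529900200);
    """)
    return conn

if __name__ == "__main__":
    # For the real file (with fail2ban stopped), open it read-only instead:
    # conn = sqlite3.connect(
    #     "file:/var/lib/fail2ban/fail2ban.sqlite3?mode=ro", uri=True)
    conn = build_sample()
    for table, rows in find_ip(conn, "192.0.2.10").items():
        for row in rows:
            print(table, row)
```

Any table that still returns rows for an address after unbanip is the place to compare against the timestamps and flags mentioned in the reply.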