Hi,

I'm relatively new to fail2ban and I can't understand why I can't unban an
IP using the client. I *can* do it using iptables directly but not using
the client. I'm running fail2ban v0.11. My configuration is like this (the
important bits):

...

actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'

actionban = iptables -I f2b-<name> 1 -s <ip> -j DROP
            # Add the new IP ban to our ip.blacklist file unless it exists already
            grep -q '<ip>' /etc/fail2ban/ip.blacklist || echo '<ip>' >> /etc/fail2ban/ip.blacklist

actionunban = iptables -D f2b-<name> -s <ip> -j DROP
              # Remove IP from our ip.blacklist file
              sed -i -e '/<ip>/d' /etc/fail2ban/ip.blacklist

...
The banning works great. But when I try to unban, I get:

fail2ban-client set repeat-offenders unbanip X.X.X.X
0


When I check the iptables chain, the IP is still there until I manually
remove it with iptables. Also, the /etc/fail2ban/ip.blacklist file still
contains the IP as well. How can I see all the commands that fail2ban
executes (including grep, iptables, etc)?

Thanks,
  Sergei
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
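
A side note on the blacklist bookkeeping in the posted actionban/actionunban, separate from the unban question (added example, not part of the original post): `grep -q '<ip>'` and `sed '/<ip>/d'` treat the address as an unanchored regex, so one address can match other entries in the file. The function names and the documentation-range addresses below are constructed for illustration, and GNU `sed -i` is assumed.

```shell
#!/bin/sh
# Constructed sample blacklist (documentation-range addresses, not from the post).
make_blacklist() {
    printf '%s\n' 192.0.2.1 192.0.2.10 192.0.251.7 198.51.100.4 > "$1"
}

# As posted: <ip> becomes an unanchored regex, so '.' matches any character
# and the pattern also matches inside longer addresses.
unban_regex() {            # $1 = blacklist file, $2 = ip
    sed -i -e "/$2/d" "$1"
}
ban_substring() {          # $1 = blacklist file, $2 = ip
    grep -q "$2" "$1" || echo "$2" >> "$1"
}

# Exact variants: -F takes the address as a fixed string, -x requires a whole-line match.
unban_exact() {
    tmp=$(mktemp) || return 1
    # grep -v exits 1 when no lines are left to print; only a status above 1 is an error.
    grep -vxF -- "$2" "$1" > "$tmp" || [ $? -eq 1 ] || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$1"      # rewrite in place, keeping the file's owner and mode
    rm -f "$tmp"
}
ban_exact() {
    grep -qxF -- "$2" "$1" || printf '%s\n' "$2" >> "$1"
}

count_lines() { wc -l < "$1" | tr -d ' '; }

# Run both unban variants against the same constructed file and compare.
demo() {
    f=$(mktemp) || return 1
    make_blacklist "$f"; unban_regex "$f" 192.0.2.1
    echo "regex unban leaves $(count_lines "$f") of 4 entries"
    make_blacklist "$f"; unban_exact "$f" 192.0.2.1
    echo "exact unban leaves $(count_lines "$f") of 4 entries"
    rm -f "$f"
}
demo
```

With the regex form, unbanning 192.0.2.1 also drops 192.0.2.10 and 192.0.251.7 from the file, and banning 192.0.2.1 is skipped when 192.0.2.10 is already listed.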