On 19/02/2021 21:52, Sergei Gerasenko wrote:
Hi,
I'm relatively new to fail2ban and I can't understand why I can't
unban an ip using the client. I /can/ do it using iptables directly
but not using the client. I'm running fail2ban v0.11. My configuration
is like this (the important bits):
...
actioncheck = iptables -n -L <chain> | grep -q 'f2b-<name>[ \t]'
actionban = iptables -I f2b-<name> 1 -s <ip> -j DROP
            # Add the new IP ban to our ip.blacklist file unless it exists already
            grep -q '<ip>' /etc/fail2ban/ip.blacklist || echo '<ip>' >> /etc/fail2ban/ip.blacklist
actionunban = iptables -D f2b-<name> -s <ip> -j DROP
              # Remove IP from our ip.blacklist file
              sed -i -e '/<ip>/d' /etc/fail2ban/ip.blacklist
...
The banning works great. But when I try to unban, I get:
fail2ban-client set repeat-offenders unbanip X.X.X.X
0
When I check the iptables chain, the IP is still there until I
manually remove it with iptables. Also, the /etc/fail2ban/ip.blacklist
file still contains the ip as well. How can I see all the commands
that fail2ban executes (including grep, iptables, etc)?
Thanks,
Sergei
Have a look at the actions for other iptables-based jails:
grep -rE "^action(ban|check|unban).*iptables" /etc/fail2ban
I think the actions for your jail should match those, so the 'iptables'
line in your actionunban becomes:
actionunban = <iptables> -D f2b-<name> -s <ip> -j <blocktype>
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
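A separate point about the posted actionban/actionunban, shown as an added example that is not part of the thread and not fail2ban's own code: both the grep and the sed use <ip> as an unanchored regular expression, so '.' matches any character and 1.2.3.4 also matches 11.2.3.45 or 1.2.3.40. The grep then wrongly reports the address as already listed, and the sed deletes neighbouring entries when unbanning. The functions, the sample entries and the temporary file below are all constructed for the demonstration; the blacklist path is a parameter rather than the thread's /etc/fail2ban/ip.blacklist.

```shell
#!/bin/sh
# Added example (not from the thread): whole-line, fixed-string matching for a
# fail2ban-style ip.blacklist file. File paths and IPs are parameters or
# constructed sample data.

# naive_listed FILE IP: the thread's original test, kept for comparison.
# The IP is an unanchored regex here, so 1.2.3.4 also matches 11.2.3.45.
naive_listed() {
    grep -q "$2" "$1"
}

# listed FILE IP: true only if IP is present as an entire line (-x), compared
# as a fixed string (-F); '--' stops a pattern starting with '-' being parsed
# as an option.
listed() {
    grep -qxF -- "$2" "$1"
}

# blacklist_add FILE IP: append IP unless it is already listed (idempotent).
blacklist_add() {
    [ -f "$1" ] || : > "$1"
    listed "$1" "$2" || printf '%s\n' "$2" >> "$1"
}

# blacklist_del FILE IP: delete only lines equal to IP. Dots are escaped so
# they are literal; ^ and $ anchor the whole line; '|' is used as the sed
# address delimiter so an entry containing '/' (e.g. a CIDR added by hand)
# does not collide with the default '/'. The result goes through a temp file
# so this works with both GNU and BSD sed (no -i).
blacklist_del() {
    esc=$(printf '%s' "$2" | sed 's/\./\\./g')
    tmp=$(mktemp) || return 1
    sed -e "\\|^${esc}\$|d" "$1" > "$tmp" && mv "$tmp" "$1"
}

# count FILE: number of entries, used to check results.
count() {
    wc -l < "$1" | tr -d ' '
}

# Walk through the failure mode with a constructed blacklist.
demo() {
    f=$(mktemp)
    printf '%s\n' 11.2.3.45 1.2.3.40 10.0.0.0/24 > "$f"

    # 1.2.3.4 is absent, but the unanchored test says otherwise.
    naive_listed "$f" 1.2.3.4 && echo "naive: 1.2.3.4 reported as listed (wrong)"
    listed "$f" 1.2.3.4 || echo "fixed: 1.2.3.4 correctly reported as absent"

    blacklist_add "$f" 1.2.3.4          # 4 entries
    blacklist_add "$f" 1.2.3.4          # still 4: no duplicate
    blacklist_del "$f" 1.2.3.4          # removes exactly that line
    echo "entries left: $(count "$f")"  # 3: the neighbours survive
    rm -f "$f"
}

demo
```

In the jail's action the same fix is `grep -qxF -- '<ip>' /etc/fail2ban/ip.blacklist` for the check and an anchored, dot-escaped address for the sed; the functions above are just the same two commands with the escaping done once.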