subject:"Re\: \[Fail2ban\-users\] Unban IP Address on Fail2Ban v8.4.2"

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-04-13 Thread Palvelin Postmaster via Fail2ban-users

Thanks Tony, you’re awesome! :)


> On 10 Apr 2018, at 15:35, Tony Collins  wrote:
> 
> They don't seem to be well documented yet. The formula seems quite complex in 
> some ways. But if I'm reading the config file properly, you've got various 
> options for how you set it up.
> 
> I'll paste in what's in the basic conf file then explain what I do.
> 
> standard conf that comes with jail.conf
> 
> # "bantime.increment" allows to use database for searching of previously 
> banned ip's to increase a 
> # default ban time using special formula, default it is banTime * 1, 2, 4, 8, 
> 16, 32...
> #bantime.increment = true
> 
> # "bantime.rndtime" is the max number of seconds using for mixing with random 
> time 
> # to prevent "clever" botnets calculate exact time IP can be unbanned again:
> #bantime.rndtime = 
> 
> # "bantime.maxtime" is the max number of seconds using the ban time can reach 
> (don't grows further)
> #bantime.maxtime = 
> 
> # "bantime.factor" is a coefficient to calculate exponent growing of the 
> formula or common multiplier,
> # default value of factor is 1 and with default value of formula, the ban 
> time 
> # grows by 1, 2, 4, 8, 16 ...
> #bantime.factor = 1
> 
> # "bantime.formula" used by default to calculate next value of ban time, 
> default value bellow,
> # the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16, 
> 32...
> #bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * 
> banFactor
> #
> # more aggressive example of formula has the same values only for factor "2.0 
> / 2.885385" :
> #bantime.formula = ban.Time * 
> math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)
> 
> # "bantime.multipliers" used to calculate next value of ban time instead of 
> formula, coresponding 
> # previously ban count and given "bantime.factor" (for multipliers default is 
> 1);
> # following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban 
> count greater as multipliers count, 
> # always used last multiplier (64 in example), for factor '1' and original 
> ban time 600 - 10.6 hours
> #bantime.multipliers = 1 2 4 8 16 32 64
> # following example can be used for small initial ban time (bantime=60) - it 
> grows more aggressive at begin,
> # for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30 min, 
> 1 hour, 5 hour, 12 hour, 1 day, 2 day
> #bantime.multipliers = 1 5 30 60 300 720 1440 2880
> 
> # "bantime.overalljails" (if true) specifies the search of IP in the database 
> will be executed 
> # cross over all jails, if false (dafault), only current jail of the ban IP 
> will be searched
> #bantime.overalljails = false
> 
> If I'm understanding this correctly, I can change the formula, or I can 
> change the multiplier - I *think* either way is acceptable as a way of 
> calculating what the increase should be,
> 
> Here is my config, from my jail.local
> 
> 1) My DB has a purge age of a few years. At the moment, in versions before 
> 0.10, the DB never gets purged. But it's been fixed and it does now purge. If 
> you want to be able to ban things for a long time using multipliers, you'll 
> need a long purge age - because f2b decides whether something should be 
> classed as "bad" and therefore have its ban time lengthened by whether it's 
> in the database. If the database has been purged, the IP address might've 
> been removed.
> 
> At this stage I don't know whether a 2-year-long purge age will result in all 
> my disk space being used or whether it will cripple f2b's database usage. 
> I'll report back!
> 
> 2) My bantime starts at 7200 - 2 hours. I chose this on the basis that most 
> attacks seem to be one-offs, and now that I can multiple ban times it makes 
> sense to unban one-off offenders after a few hours. They will likely have 
> stopped trying to attack me. If they come back, their ban will be increased.
> 
> 3) My multiplier is odd: It's 2 days, 14 days, 90 days, then 3 years. Why? 
> Because sometimes an IP address will attack just for a few days or a few 
> weeks before the IP address owner realises their machine has been hijacked. 
> So, you get a few chances to mend your ways. After 14 days, you're probably 
> just a bad IP, so you get banned for 90 days. But because people change their 
> hosting sometimes, I give you a chance after 90 days. Then, it's 3 years. 
> Because if you've attacked and been banned for 2 hours, 2 days, 14 days, then 
> 90 days, that means you've attacked me 4 times in a period of 3.5 months - 
> you're a bad guy.
> 
> Here is what that section of my jail.local looks like:
> 
> bantime = 7200
> bantime.increment = true
> 
> # the variable hour is set earlier in the file - I use variables to set lots 
> of different time periods, so it is easier to understand the config
> bantime.rndtime = %(hour)s
> .
> bantime.factor = 1
> 
> # I don't know if I need this but it's there anyway
> bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) * 
> banFactor
> 
> # this is

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-04-10 Thread Tony Collins

They don't seem to be well documented yet. The formula seems quite complex
in some ways. But if I'm reading the config file properly, you've got
various options for how you set it up.

I'll paste in what's in the basic conf file then explain what I do.

*standard conf that comes with jail.conf*

# "bantime.increment" allows to use database for searching of previously
banned ip's to increase a
# default ban time using special formula, default it is banTime * 1, 2, 4,
8, 16, 32...
#bantime.increment = true

# "bantime.rndtime" is the max number of seconds using for mixing with
random time
# to prevent "clever" botnets calculate exact time IP can be unbanned again:
#bantime.rndtime =

# "bantime.maxtime" is the max number of seconds using the ban time can
reach (don't grows further)
#bantime.maxtime =

# "bantime.factor" is a coefficient to calculate exponent growing of the
formula or common multiplier,
# default value of factor is 1 and with default value of formula, the ban
time
# grows by 1, 2, 4, 8, 16 ...
#bantime.factor = 1

# "bantime.formula" used by default to calculate next value of ban time,
default value bellow,
# the same ban time growing will be reached by multipliers 1, 2, 4, 8, 16,
32...
#bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) *
banFactor
#
# more aggressive example of formula has the same values only for factor
"2.0 / 2.885385" :
#bantime.formula = ban.Time * math.exp(float(ban.Count+1)*
banFactor)/math.exp(1*banFactor)

# "bantime.multipliers" used to calculate next value of ban time instead of
formula, coresponding
# previously ban count and given "bantime.factor" (for multipliers default
is 1);
# following example grows ban time by 1, 2, 4, 8, 16 ... and if last ban
count greater as multipliers count,
# always used last multiplier (64 in example), for factor '1' and original
ban time 600 - 10.6 hours
#bantime.multipliers = 1 2 4 8 16 32 64
# following example can be used for small initial ban time (bantime=60) -
it grows more aggressive at begin,
# for bantime=60 the multipliers are minutes and equal: 1 min, 5 min, 30
min, 1 hour, 5 hour, 12 hour, 1 day, 2 day
#bantime.multipliers = 1 5 30 60 300 720 1440 2880

# "bantime.overalljails" (if true) specifies the search of IP in the
database will be executed
# cross over all jails, if false (dafault), only current jail of the ban IP
will be searched
#bantime.overalljails = false

If I'm understanding this correctly, I can change the formula, or I can
change the multiplier - I *think* either way is acceptable as a way of
calculating what the increase should be,

Here is my config, from my jail.local

1) My DB has a purge age of a few years. At the moment, in versions before
0.10, the DB never gets purged. But it's been fixed and it does now purge.
If you want to be able to ban things for a long time using multipliers,
you'll need a long purge age - because f2b decides whether something should
be classed as "bad" and therefore have its ban time lengthened by whether
it's in the database. If the database has been purged, the IP address
might've been removed.

At this stage I don't know whether a 2-year-long purge age will result in
all my disk space being used or whether it will cripple f2b's database
usage. I'll report back!

2) My bantime starts at 7200 - 2 hours. I chose this on the basis that most
attacks seem to be one-offs, and now that I can multiple ban times it makes
sense to unban one-off offenders after a few hours. They will likely have
stopped trying to attack me. If they come back, their ban will be increased.

3) My multiplier is odd: It's 2 days, 14 days, 90 days, then 3 years. Why?
Because sometimes an IP address will attack just for a few days or a few
weeks before the IP address owner realises their machine has been hijacked.
So, you get a few chances to mend your ways. After 14 days, you're probably
just a bad IP, so you get banned for 90 days. But because people change
their hosting sometimes, I give you a chance after 90 days. Then, it's 3
years. Because if you've attacked and been banned for 2 hours, 2 days, 14
days, then 90 days, that means you've attacked me 4 times in a period of
3.5 months - you're a bad guy.

*Here is what that section of my jail.local looks like:*

bantime = 7200
bantime.increment = true

# the variable hour is set earlier in the file - I use variables to set
lots of different time periods, so it is easier to understand the config
bantime.rndtime = %(hour)s
.
bantime.factor = 1

# I don't know if I need this but it's there anyway
bantime.formula = ban.Time * (1<<(ban.Count if ban.Count<20 else 20)) *
banFactor

# this is 2 days, 14 days, 90 days etc multiplied with a starting ban time
of 2 hours
bantime.multipliers = 1 24 168 1080 2184 4380 12000 24000

# I do this cos I have a jail for fast attacks - bots that hit me dozens of
times a second, as well as a jail for specific types of bots
# so depending on which jail they hit first, they might be banned by
different jails

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-31 Thread Palvelin Postmaster via Fail2ban-users

Are the various multiplier settings documented somewhere?

Examples would be very welcome too. Isn’t that what this list is for? :)


> On 30 Mar 2018, at 14:46, Tony Collins  wrote:
> 
> Hi!
> 
> It's really configurable: there's a basic on/off setting, but you can also 
> tell it how much to increase by each time, and you can set either simple or 
> aggressive formulae.
> 
> This is one of the settings for the multiplier:
> 
> bantime.multipliers = 1 2 16 90 182 365 1000 2000
> 
> That shows how aggressively it will increase the bantime. In example above, 
> my bantime of 86400 (1 day) will ban a persistent offender for 1 day, 2 days, 
> 16 days etc. You can configure it in a really granular way if you manipulate 
> the ban time with the multiplier.
> 
> In terms of purging, yes I'm talking about dbpurgeage. Until 0.10 or 0.11 
> that setting didn't actually do anything. No function was ever written to 
> purge the DB.
> 
> Now it works; it does purge after dbpurgeage. So I set my purge age to 2 
> years, so that it remembers long-time bans. But that's because my multiplier 
> eventually bans bad IPa for a year or more.
> 
> The purge age amount depends on what sort of ban times you set.
> 
> If you want to discuss more specific examples, I can show you how I'm using 
> it.
> 
> It's honestly improved f2b by ten times for me - the recidive jail never 
> quite worked for me because it was not very configurable, but now we have an 
> ability to generate longer and longer ban times, so Fail2Ban really feels 
> even more useful.
> 
> Tony 
> 
> On Fri, 30 Mar 2018 at 11:31, Palvelin Postmaster via Fail2ban-users 
>  wrote:
> 
> 
> > On 15 Mar 2018, at 12:00, Tony Collins  wrote:
> >
> > One other thing: the 0.11.x version of f2b has a ban time "multiplier", 
> > which is just fantastic - if the same IP keeps getting banned, f2b 
> > automatically increases the ban time. To do that you need a long 'purgeage' 
> > setting (so it can remember that an IP was banned a few months ago), and 
> > again once you use f2b to manage your blocks, it can just take care of 
> > everything - you never need to use iptables commands for unblocking, 
> > because f2b 0.11.x manages ban times so much more effectively and 
> > logically. F2b has always managed bans and unbans pretty well, but there's 
> > been some really excellent polish applied to recent versions.
> 
> Is the ’multiplier’ applied automatically or is there a setting?
> 
> I presumw by ’purgeable’ you refer the dbpurgeage setting. Where should one 
> ideally set it in regards to the new automatically increasing ban time?
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
> -- 
> -- Tony Collins
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! 
> http://sdm.link/slashdot___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-30 Thread Tony Collins

Hi!

It's really configurable: there's a basic on/off setting, but you can also
tell it how much to increase by each time, and you can set either simple or
aggressive formulae.

This is one of the settings for the multiplier:

bantime.multipliers = 1 2 16 90 182 365 1000 2000

That shows how aggressively it will increase the bantime. In example above,
my bantime of 86400 (1 day) will ban a persistent offender for 1 day, 2
days, 16 days etc. You can configure it in a really granular way if you
manipulate the ban time with the multiplier.

In terms of purging, yes I'm talking about dbpurgeage. Until 0.10 or 0.11
that setting didn't actually do anything. No function was ever written to
purge the DB.

Now it works; it does purge after dbpurgeage. So I set my purge age to 2
years, so that it remembers long-time bans. But that's because my
multiplier eventually bans bad IPa for a year or more.

The purge age amount depends on what sort of ban times you set.

If you want to discuss more specific examples, I can show you how I'm using
it.

It's honestly improved f2b by ten times for me - the recidive jail never
quite worked for me because it was not very configurable, but now we have
an ability to generate longer and longer ban times, so Fail2Ban really
feels even more useful.

Tony

On Fri, 30 Mar 2018 at 11:31, Palvelin Postmaster via Fail2ban-users <
fail2ban-users@lists.sourceforge.net> wrote:

>
>
> > On 15 Mar 2018, at 12:00, Tony Collins  wrote:
> >
> > One other thing: the 0.11.x version of f2b has a ban time "multiplier",
> which is just fantastic - if the same IP keeps getting banned, f2b
> automatically increases the ban time. To do that you need a long 'purgeage'
> setting (so it can remember that an IP was banned a few months ago), and
> again once you use f2b to manage your blocks, it can just take care of
> everything - you never need to use iptables commands for unblocking,
> because f2b 0.11.x manages ban times so much more effectively and
> logically. F2b has always managed bans and unbans pretty well, but there's
> been some really excellent polish applied to recent versions.
>
> Is the ’multiplier’ applied automatically or is there a setting?
>
> I presumw by ’purgeable’ you refer the dbpurgeage setting. Where should
> one ideally set it in regards to the new automatically increasing ban time?
>
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
-- 
-- Tony Collins
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-30 Thread Palvelin Postmaster via Fail2ban-users



> On 15 Mar 2018, at 12:00, Tony Collins  wrote:
> 
> One other thing: the 0.11.x version of f2b has a ban time "multiplier", which 
> is just fantastic - if the same IP keeps getting banned, f2b automatically 
> increases the ban time. To do that you need a long 'purgeage' setting (so it 
> can remember that an IP was banned a few months ago), and again once you use 
> f2b to manage your blocks, it can just take care of everything - you never 
> need to use iptables commands for unblocking, because f2b 0.11.x manages ban 
> times so much more effectively and logically. F2b has always managed bans and 
> unbans pretty well, but there's been some really excellent polish applied to 
> recent versions.

Is the ’multiplier’ applied automatically or is there a setting?

I presumw by ’purgeable’ you refer the dbpurgeage setting. Where should one 
ideally set it in regards to the new automatically increasing ban time?
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Bill Shirley


If you use iptables with Shorewall, then a 'shorewall restart' will clobber your
fail2ban rules.  It's better to use a ipset with Shorewall.

Bill

On 3/15/2018 5:21 AM, chaouche yacine via Fail2ban-users wrote:

Nick,

Can you please explain why this is better than just removing the rule from iptables ? because that's how I do with shorewall 
so I might be doing something wrong.


Yassine.


On Thursday, March 15, 2018 10:19 AM, Nick Howitt  wrote:


fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:
> Hi everybody,
>
> I have an old version of fail2ban and I'd like know if I have somehow to 
unban a IP Address that fail2ban has banned.
>
>
> Regards,
>
> Ramses
>
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net 

> https://lists.sourceforge.net/lists/listinfo/fail2ban-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net 

https://lists.sourceforge.net/lists/listinfo/fail2ban-users




--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Tony Collins

And also in newer versions, the database works properly (it never got
'purged' before), so if you run everything through fail2ban-client
commands, you'll have a functional, traceable, database-driven system that
can manage all your bans. In addition, your actionunban might have extra
commands - for example, emailing or logging the ban/unban. If you only use
iptables, you might be missing out on other things f2b was configured to do.

I now never ever look at iptables/ipset etc. Everything is managed through
f2b.

Think of it as a centralised front-end to all the various block/firewall
commands you might use for attacks - if f2b is what you used to detect and
block IP addresses, it makes sense for f2b to be what you use to unblock
them.

One other thing: the 0.11.x version of f2b has a ban time "multiplier",
which is just fantastic - if the same IP keeps getting banned, f2b
automatically increases the ban time. To do that you need a long 'purgeage'
setting (so it can remember that an IP was banned a few months ago), and
again once you use f2b to manage your blocks, it can just take care of
everything - you never need to use iptables commands for unblocking,
because f2b 0.11.x manages ban times so much more effectively and
logically. F2b has always managed bans and unbans pretty well, but there's
been some really excellent polish applied to recent versions.

Tony Collins
RMT Tier 1 Health & Safety Representative
Edgware Road Traincrew Depot
07949 228324

On 15 March 2018 at 09:44, Nick Howitt  wrote:

> If you remove firewall rule then restart f2b the block will (may) reappear.
>
> On 15/03/2018 09:21, chaouche yacine via Fail2ban-users wrote:
>
>> Nick,
>>
>> Can you please explain why this is better than just removing the rule
>> from iptables ? because that's how I do with shorewall so I might be doing
>> something wrong.
>>
>> Yassine.
>>
>>
>> On Thursday, March 15, 2018 10:19 AM, Nick Howitt 
>> wrote:
>>
>>
>> fail2ban-client  set  unbanip 
>>
>> On 15/03/2018 08:29, Ramses wrote:
>> > Hi everybody,
>> >
>> > I have an old version of fail2ban and I'd like know if I have somehow
>> to unban a IP Address that fail2ban has banned.
>> >
>> >
>> > Regards,
>> >
>> > Ramses
>> >
>> > 
>> --
>> > Check out the vibrant tech community on one of the world's most
>> > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> > ___
>> > Fail2ban-users mailing list
>> > Fail2ban-users@lists.sourceforge.net > ourceforge.net>
>> > https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>>
>>
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> ___
>> Fail2ban-users mailing list
>> Fail2ban-users@lists.sourceforge.net > ourceforge.net>
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>>
>>
>>
>>
>> 
>> --
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>> ___
>> Fail2ban-users mailing list
>> Fail2ban-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>>
>
>
> 
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Darac Marjal


On Thu, Mar 15, 2018 at 09:29:18AM +0100, Ramses wrote:

Hi everybody,

I have an old version of fail2ban and I'd like know if I have somehow to unban 
a IP Address that fail2ban has banned.


Just to answer this question exactly: others have told you HOW to unban 
an IP. but you asked IF you have to. There, the answer is generally 
"no".


Fail2ban will ban an IP by calling the "actionban" command of your 
chosen firewall (chosen, that is, by setting the "banaction" option). 
Fail2ban will then wait "bantime" seconds and then call "actionunban" 
for that same action.


The "actionban" and "actionunban" options are specific to the type of 
firewall you're controlling. Typically, they add and remove blocking 
rules, but they can, essentially, do anything. Sending a notification is 
a good example of another kind of action.


As to why you should ask fail2ban to unban the IP rather than removing 
the rule manually, when you ask fail2ban to do it, it will call ALL the 
"actionunban" commands that you've configured (for that jail). So 
perhaps you want a notification when IPs are released from their jails, 
or perhaps, as someone had recently on this list, you're controlling a 
remote system with fail2ban. It's good practice to ask fail2ban to do 
the unbanning.





Regards,

Ramses

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users


--
For more information, please reread.


signature.asc
Description: PGP signature
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Nick Howitt


If you remove firewall rule then restart f2b the block will (may) reappear.

On 15/03/2018 09:21, chaouche yacine via Fail2ban-users wrote:

Nick,

Can you please explain why this is better than just removing the rule 
from iptables ? because that's how I do with shorewall so I might be 
doing something wrong.


Yassine.


On Thursday, March 15, 2018 10:19 AM, Nick Howitt  
wrote:



fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:
> Hi everybody,
>
> I have an old version of fail2ban and I'd like know if I have 
somehow to unban a IP Address that fail2ban has banned.

>
>
> Regards,
>
> Ramses
>
> 
--

> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net 


> https://lists.sourceforge.net/lists/listinfo/fail2ban-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net 


https://lists.sourceforge.net/lists/listinfo/fail2ban-users




--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Nick Howitt




On 15/03/2018 09:41, Nick Howitt wrote:

On 15/03/2018 09:37, Ramses wrote:
El 15 de marzo de 2018 10:06:55 CET, Nick Howitt  
escribió:

fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:

Hi everybody,

I have an old version of fail2ban and I'd like know if I have somehow

to unban a IP Address that fail2ban has banned.


Regards,

Ramses


-- 




Hi Nick,

That not works in this version.

# fail2ban-client set asterisk-mngr-iptables unbanip 88.88.88.88

Invalid command (no set action or not yet implemented)
#


Regards,

Ramses



Perhaps you could tell us which version you are using?

-- 


Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
Apologies. The version is in the subject. If that does not work then I 
don't know through f2b. Just use an iptables command.


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Nick Howitt


On 15/03/2018 09:37, Ramses wrote:

El 15 de marzo de 2018 10:06:55 CET, Nick Howitt  escribió:

fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:

Hi everybody,

I have an old version of fail2ban and I'd like know if I have somehow

to unban a IP Address that fail2ban has banned.


Regards,

Ramses



--


Hi Nick,

That not works in this version.

# fail2ban-client set asterisk-mngr-iptables unbanip 88.88.88.88

Invalid command (no set action or not yet implemented)
#


Regards,

Ramses



Perhaps you could tell us which version you are using?

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Ramses

El 15 de marzo de 2018 10:06:55 CET, Nick Howitt  escribió:
>fail2ban-client  set  unbanip 
>
>On 15/03/2018 08:29, Ramses wrote:
>> Hi everybody,
>>
>> I have an old version of fail2ban and I'd like know if I have somehow
>to unban a IP Address that fail2ban has banned.
>>
>>
>> Regards,
>>
>> Ramses
>>
>>
>--
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> ___
>> Fail2ban-users mailing list
>> Fail2ban-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/fail2ban-users
>
>
>--
>Check out the vibrant tech community on one of the world's most
>engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>___
>Fail2ban-users mailing list
>Fail2ban-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Hi Nick,

That not works in this version.

# fail2ban-client set asterisk-mngr-iptables unbanip 88.88.88.88

Invalid command (no set action or not yet implemented)
#


Regards, 

Ramses

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread chaouche yacine via Fail2ban-users

Nick,
Can you please explain why this is better than just removing the rule from 
iptables ? because that's how I do with shorewall so I might be doing something 
wrong.

Yassine. 

On Thursday, March 15, 2018 10:19 AM, Nick Howitt  
wrote:
 

 fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:
> Hi everybody,
>
> I have an old version of fail2ban and I'd like know if I have somehow to 
> unban a IP Address that fail2ban has banned.
>
>
> Regards,
>
> Ramses
>
> --
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> ___
> Fail2ban-users mailing list
> Fail2ban-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fail2ban-users


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users


   --
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

2018-03-15 Thread Nick Howitt


fail2ban-client  set  unbanip 

On 15/03/2018 08:29, Ramses wrote:

Hi everybody,

I have an old version of fail2ban and I'd like know if I have somehow to unban 
a IP Address that fail2ban has banned.


Regards,

Ramses

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
___
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

Re: [Fail2ban-users] Unban IP Address on Fail2Ban v8.4.2

14 matches

Site Navigation

Mail list logo

Footer information