View Single Post
  #11  
Old 9th May 2012, 22:16
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 368
Thanks: 25
Thanked 47 Times in 42 Posts
Default

A follow-up as to whether or not it is possible un-ban an IP address, manually, in fail2ban: the short answer is, "No."

I'm not sure how drewb0y was able to un-ban an IP address, manually, with the command he cited, because according to an authoritative source (Yaroslav Halchenko), "actionunban" does not work that way (which explains why I received "Invalid command" errors).

From Yaroslav's response to my mailing-list inquiry:

Quote:
actionunban specifies the command for the action, .e.g like in a config
file -- it is not to call it, e.g. like it would be 'unbanip' command to
supplement 'banip'

in those rare cases I need to do it I just iptables -D it manually

but it is a valid feature request -- feel free to submit an issue on
github
So, there you have it, folks. As of fail2ban 0.8.6:

a.) The recommended means by which to un-ban individual IP addresses is to use the "iptables -D" command.

b.) There is a chance that if fail2ban is restarted after removing the rule, the rule will be re-added to iptables. (This will occur if "your original scanned logs still happen to have those entries within findtime from now".)
Reply With Quote
Sponsored Links