View Single Post
  #12  
Old 19th October 2012, 17:45
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts
Default

Given that this has become the authoritative thread on this subject, I thought I'd add an example, for my own reference, if no one else's.

To unban an IP address manually, it is necessary to know the chain name and the rule number. As suggested elsewhere in this thread, the following command can be used to acquire this information:

Code:
# iptables -L --line-numbers
The relevant bits are at the end of the output. Here is an example chain with attendant rules:

Code:
Chain fail2ban-ssh (1 references)
num  target     prot opt source               destination
1    DROP       all  --  204.110.13.107       anywhere
2    DROP       all  --  1.234.20.21          anywhere
3    DROP       all  --  gw-tair-rp.rel.com.ua  anywhere
4    RETURN     all  --  anywhere             anywhere
In this example, three (3) IP addresses have been banned via the SSH jail (these are the DROP rules).

To unban the IP address 1.234.20.21, the command would be:

Code:
# iptables -D fail2ban-ssh 2
Don't forget that if fail2ban is restarted after this change to iptables, there is the potential for the same IP address to be re-banned. The reason for this is discussed earlier in this thread.

Good luck!

Last edited by cbj4074; 19th October 2012 at 17:49. Reason: Clarified example.
Reply With Quote