Given that this has become the authoritative thread on this subject, I thought I'd add an example, for my own reference, if no one else's.
To unban an IP address manually, it is necessary to know the chain name and the rule number. As suggested elsewhere in this thread, the following command can be used to acquire this information:
Code:
# iptables -L --line-numbers
The relevant bits are at the end of the output. Here is an example chain with attendant rules:
Code:
Chain fail2ban-ssh (1 references)
num target prot opt source destination
1 DROP all -- 204.110.13.107 anywhere
2 DROP all -- 1.234.20.21 anywhere
3 DROP all -- gw-tair-rp.rel.com.ua anywhere
4 RETURN all -- anywhere anywhere
In this example, three (3) IP addresses have been banned via the SSH jail (these are the DROP rules).
To unban the IP address 1.234.20.21, the command would be:
Code:
# iptables -D fail2ban-ssh 2
Don't forget that if fail2ban is restarted after this change to iptables, there is the potential for the same IP address to be re-banned. The reason for this is discussed earlier in this thread.
Good luck!