How to use the command 'fail2ban-client' (with examples)
- Linux
- December 25, 2023
This article will guide you on how to use the ‘fail2ban-client’ command with examples.
Fail2ban is an intrusion prevention software framework that protects computer servers from brute-force attacks by monitoring system logs for repeated failed login attempts and blocking the offending IP addresses. The ‘fail2ban-client’ command is used to configure and control the fail2ban server.
Use case 1: Retrieve current status of the jail service
Code:
fail2ban-client status jail
Motivation: Checking the current status of the jail service is useful to monitor if any IP addresses have been banned due to failed login attempts. It provides an overview of the current state of the fail2ban server.
Explanation:
- fail2ban-client is the command to interact with the fail2ban server.
- status is the subcommand used to retrieve the current status of a specific jail service.
- jail is the name of the jail service for which we want to retrieve the status.
Example output:
Status for the jail: jail
|- Filter
|  |- Currently failed: 1
|  |- Total failed: 10
|  `- File list: /var/log/auth.log
`- Actions
   |- Currently banned: 1
   |- Total banned: 5
   `- Banned IP list: 192.168.1.100
Use case 2: Remove the specified IP from the jail service’s ban list
Code:
fail2ban-client set jail unbanip ip
Motivation: If an IP address has been mistakenly banned from the jail service, this command allows you to remove it from the ban list. This can be useful to restore access to a previously banned IP address.
Explanation:
- fail2ban-client is the command to interact with the fail2ban server.
- set is the subcommand used to modify a specific jail service configuration.
- jail is the name of the jail service for which we want to modify the configuration.
- unbanip is the action to remove an IP address from the ban list.
- ip is the specific IP address to be removed from the ban list.
Example output:
Unbanning IP Address: 192.168.1.100 from jail: jail
Use case 3: Verify fail2ban server is alive
Code:
fail2ban-client ping
Motivation: Verifying if the fail2ban server is alive ensures that the server is running and properly responding to commands. This command can be used as a health check for the fail2ban server.
Explanation:
- fail2ban-client is the command to interact with the fail2ban server.
- ping is the subcommand used to check if the fail2ban server is alive.
Example output:
Server replied: pong
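The three commands above combined into a guarded unban helper, as an added example that is not part of the original article: it confirms the server answers ping, parses the status output for the banned IP list, and runs unbanip only when the address is actually listed. The F2B override variable, the function names, the jail name sshd and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: guarded unban built on the ping, status and unbanip commands.
# F2B is an assumed override so the client can be stubbed for offline testing.
F2B="${F2B:-fail2ban-client}"

# Print the value of one status field (e.g. "Currently banned") from stdin.
# Leading tree characters (space, |, `, -) are stripped before matching.
f2b_field() {
    sed -n "s/^[ |\`-]*$1:[[:space:]]*//p"
}

# Print the banned addresses from status output on stdin, one per line.
f2b_banned_ips() {
    f2b_field "Banned IP list" | tr -s ' \t' '\n\n' | sed '/^$/d'
}

# Unban address $2 from jail $1.
# Returns 2 if the server does not answer ping, 3 if the address is not
# currently banned in that jail, otherwise the exit status of unbanip.
f2b_safe_unban() {
    jail=$1 ip=$2
    "$F2B" ping >/dev/null 2>&1 || return 2
    # -F -x: fixed-string, whole-line match, so 10.0.0.1 never matches 10.0.0.10
    "$F2B" status "$jail" | f2b_banned_ips | grep -Fxq -- "$ip" || return 3
    "$F2B" set "$jail" unbanip "$ip" >/dev/null
}

# Constructed sample in the layout of the status output (not real log data).
sample_status() {
    cat <<'EOF'
Status for the jail: sshd
|- Filter
|  |- Currently failed: 1
|  |- Total failed: 10
|  `- File list: /var/log/auth.log
`- Actions
   |- Currently banned: 2
   |- Total banned: 5
   `- Banned IP list: 203.0.113.7 198.51.100.23
EOF
}

# Offline demo: list the banned addresses found in the constructed sample.
sample_status | f2b_banned_ips
```

On a real host, call f2b_safe_unban with the jail name and address and act on the return code; the exact-match check keeps a typo or partial address from being passed to unbanip.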
Conclusion:
The ‘fail2ban-client’ command is a powerful tool for configuring and controlling the fail2ban server. It allows you to retrieve the current status of the jail service, remove an IP address from the ban list, and verify the server’s availability. By utilizing these command examples, you can effectively manage and monitor the fail2ban server’s functionality and protect your system from brute-force attacks.