Difference between revisions of "Fail2ban and Denyhosts"

From Klaus' wiki
Jump to: navigation, search
(Created page with "If you are using fail2ban to protect your computer against intruders and you accidentally bans one of your own IP addresses while experimenting with a setup use these commands...")
 
m (Klaus moved page Fail2ban to Fail2ban and Denyhosts)
 
(No difference)

Latest revision as of 12:35, 26 November 2018

If you are using fail2ban to protect your computer against intruders and you accidentally bans one of your own IP addresses while experimenting with a setup use these commands to get the banned IP out of the ban again:

$] fail2ban-client status 
$] fail2ban-client set <jail listed by the above command, e.g. sshd> unbanip <the banned IP address>

Sometimes the IP address remains in the IPtables. Find it using these commands:

$] iptables -L --line-numbers|less

look for your IP address and note the filter, e.g. INPUT, and the line number.

Remove it from IPtables using this command:

$] iptables -D <the chain to delete from, e.g. INPUT> <the line number found above>

If you also use denyhosts to keep intruders out of your box and the IP address is in /etc/hosts.deny edit all the files in /var/lib/denyhosts/* and remove the denied IP addresse as well as /etc/hosts.deny - but after you have stopped denyhosts using

$] systemmctl stop denyhosts.service.

Remember to restart after editing.