Background
Fail2ban is a really powerful utility and can help you out of a bind. The problem is the syntax – it’s changed and when you really need it on occasion it’s not entirely memorable. So here is a quick HOWTO to get you out of a bind.
Use the command sequence below to check for a banned IP address:
sudo zgrep 'Ban' /var/log/fail2ban.log* | grep x.y.150.94 /var/log/fail2ban.log:2020-11-20 08:18:32,558 fail2ban.actions [1547]: NOTICE [sshd] Ban x.y.150.94
Then remove it like so
fail2ban-client set sshd unbanip x.y.150.94
Then check if it worked like so:
sudo zgrep -i 'Unban' /var/log/fail2ban.log* | grep x.y.150.94 /var/log/fail2ban.log:2020-11-20 08:27:43,762 fail2ban.actions [1547]: NOTICE [sshd] Unban x.y.150.94
Look for Unban
Update July 2021
Once in a blue moon Fail2ban gives major issues in that it doesn’t want to unban an IP address. In that case you might want to resort to clearning it out completely using this command:
fail2ban-client unban --all
See Also
https://kb.vander.host/security/firewalld-cheat-sheet/
References
- https://serverfault.com/questions/841183/how-to-show-all-banned-ip-with-fail2ban
- https://serverfault.com/questions/285256/how-to-unban-an-ip-properly-with-fail2ban
- https://unix.stackexchange.com/questions/286119/delete-all-fail2ban-bans-in-ubuntu-linux/286133
- https://www.liquidweb.com/kb/an-introduction-to-firewalld/
- https://bobcares.com/blog/fail2ban-unban-ip/
- https://dev-notes.eu/2017/07/ignore-ip-addresses-in-fail2ban/