fail2ban-client is a command-line tool for configuring and controlling a fail2ban server. fail2ban is an intrusion prevention software that monitors log files for suspicious activity and bans IP addresses that show malicious behavior. This tool allows you to interact with the fail2ban server, to configure the server, check its status, and manage the banned IP addresses.
If you encounter the below error while running the command fail2ban-client:
fail2ban-client: command not found
you may try installing the below package as per your choice of distribution:
| Distribution | Command |
|---|---|
| Debian | apt-get install fail2ban |
| Ubuntu | apt-get install fail2ban |
| Alpine | apk add fail2ban |
| Arch Linux | pacman -S fail2ban |
| Kali Linux | apt-get install fail2ban |
| Fedora | dnf install fail2ban-server |
| OS X | brew install fail2ban |
| Raspbian | apt-get install fail2ban |
fail2ban-client Command Examples
1. Retrieve current status of the jail service:
# fail2ban-client status jail
2. Remove the specified IP from the jail service’s ban list:
# fail2ban-client set jail unbanip ip
3. Verify fail2ban server is alive:
# fail2ban-client ping
4. To check the status of all active jails, you can use the command:
# fail2ban-client status
5. To ban an IP address from a specific jail, you can use the command:
# fail2ban-client set jailname banip IP_ADDRESS
6. To unban an IP address from a specific jail, you can use the command:
# fail2ban-client set jailname unbanip IP_ADDRESS
7. To set the ban time for a jail, you can use the command:
# fail2ban-client set jailname bantime BAN_TIME
8. To set the find time for a jail, you can use the command:
# fail2ban-client set jailname findtime FIND_TIME
9. To reload the configuration of all jails, you can use the command:
# fail2ban-client reload
It’s important to note that jailname in the examples above should be replaced with the actual name of the jail that you want to manage. Also, the IP_ADDRESS and time values should be replaced with the actual values.