Fail2ban you and your server… How to Unban with Fail2ban
I
find Fail2ban a nice useful linux tool considering how everyone seems to try to gain root access to our linux servers… the log is so extensive that fail2ban seems to be banning the whole internet around it…
However; it from time to time bans the unsavvy genuine user who insists in putting a wrong password on his email.
Unbaning thus becomes necessary…. here are the steps:
Who can unban?…
become root
su
Turning on and off fail2ban (disable / Enable)
# fail2ban-client stop
To stop it
# fail2ban-client start
To start it
Find out who you want to unban…
You need to know the IP of the unfortunate user…
iptables -L
look at the Chain fail2ban-ssh
notice the ip address to unban and count at which line number this is.
e.g.:
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP 0 — 61.236.117.xxx anywhere
DROP 0 — 61.236.117.yyy anywhere
RETURN 0 — anywhere anywhere
Unban the poor soul…
execute the following command:
iptables -D fail2ban-ssh
if you want to unban user 61.236.117.yyy use:
iptables -D fail2ban-ssh 2
hint:
When the banned host is youself (localhost), no ip address is shown but a rare name for example:
c68xxx.upc-c.nathan.au
This is your own host…..
