Commands
From Fail2ban
The commands presented above can be executed using:
$ fail2ban-client <COMMAND>
or by typing them in the interactive console available with:
$ fail2ban-client -i
BASIC
Command | Description | |
start | starts the server and the jails | |
reload | reloads the configuration | |
reload <JAIL> | reloads the jail <JAIL> | |
stop | stops all jails and terminate the server | |
status | gets the current status of the server | |
ping | tests if the server is alive | |
help | return this output |
LOGGING
Command | Description | |
set loglevel <LEVEL> | sets logging level to <LEVEL>. 0 is minimal, 4 is debug | |
get loglevel | gets the logging level | |
set logtarget <TARGET> | sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file | |
get logtarget | gets logging target |
JAIL CONTROL
Command | Description | |
add <JAIL> <BACKEND> | creates <JAIL> using <BACKEND> | |
start <JAIL> | starts the jail <JAIL> | |
stop <JAIL> | stops the jail <JAIL>. The jail is removed | |
status <JAIL> | gets the current status of <JAIL> |
JAIL CONFIGURATION
Command | Description | |
off | sets the idle state of <JAIL> | |
set <JAIL> addignoreip <IP> | adds <IP> to the ignore list of <JAIL> | |
set <JAIL> delignoreip <IP> | removes <IP> from the ignore list of <JAIL> | |
set <JAIL> addlogpath <FILE> | adds <FILE> to the monitoring list of <JAIL> | |
set <JAIL> dellogpath <FILE> | removes <FILE> from the monitoring list of <JAIL> | |
set <JAIL> addfailregex <REGEX> | adds the regular expression <REGEX> which must match failures for <JAIL> | |
set <JAIL> delfailregex <INDEX> | removes the regular expression at <INDEX> for failregex | |
set <JAIL> addignoreregex <REGEX> | adds the regular expression <REGEX> which should match pattern to exclude for <JAIL> | |
set <JAIL> delignoreregex <INDEX> | removes the regular expression at <INDEX> for ignoreregex | |
set <JAIL> findtime | sets the number of seconds <TIME> for which the filter will look back for <JAIL> | |
<tt>set <JAIL> bantime <TIME></tt> | sets the number of seconds <TIME> a host will be banned for <JAIL> | |
<tt>set <JAIL> usedns <VALUE></tt> | sets the usedns mode for <JAIL> | |
<tt>set <JAIL> banip <IP></tt> | manually Ban <IP> for <JAIL> | |
<tt>set <JAIL> unbanip <IP></tt> | manually Unban <IP> in <JAIL> | |
<tt>set <JAIL> maxretry <RETRY></tt> | sets the number of failures <RETRY> before banning the host for <JAIL> | |
<tt>set <JAIL> addaction <ACT></tt> | adds a new action named <NAME> for <JAIL> | |
<tt>set <JAIL> delaction <ACT></tt> | removes the action <NAME> from <JAIL> | |
<tt>set <JAIL> setcinfo <ACT> <KEY> <VALUE></tt> | sets <VALUE> for <KEY> of the action <NAME> for <JAIL> | |
<tt>set <JAIL> delcinfo <ACT> <KEY></tt> | removes <KEY> for the action <NAME> for <JAIL> | |
<tt>set <JAIL> actionstart <ACT> <CMD></tt> | sets the start command <CMD> of the action <ACT> for <JAIL> | |
<tt>set <JAIL> actionstop <ACT> <CMD></tt> | sets the stop command <CMD> of the action <ACT> for <JAIL> | |
<tt>set <JAIL> actioncheck <ACT> <CMD></tt> | sets the check command <CMD> of the action <ACT> for <JAIL> | |
<tt>set <JAIL> actionban <ACT> <CMD></tt> | sets the ban command <CMD> of the action <ACT> for <JAIL> | |
<tt>set <JAIL> actionunban <ACT> <CMD></tt> | sets the unban command <CMD> of the action <ACT> for <JAIL> |
JAIL INFORMATION
Command | Description | |
<tt>get <JAIL> logpath</tt> | gets the list of the monitored files for <JAIL> | |
<tt>get <JAIL> ignoreip</tt> | gets the list of ignored IP addresses for <JAIL> | |
<tt>get <JAIL> failregex</tt> | gets the list of regular expressions which matches the failures for <JAIL> | |
<tt>get <JAIL> ignoreregex</tt> | gets the list of regular expressions which matches patterns to ignore for <JAIL> | |
<tt>get <JAIL> findtime</tt> | gets the time for which the filter will look back for failures for <JAIL> | |
<tt>get <JAIL> bantime</tt> | gets the time a host is banned for <JAIL> | |
<tt>get <JAIL> usedns</tt> | gets the usedns setting for <JAIL> | |
<tt>get <JAIL> maxretry</tt> | gets the number of failures allowed for <JAIL> | |
<tt>get <JAIL> addaction</tt> | gets the last action which has been added for <JAIL> | |
<tt>get <JAIL> actionstart <ACT></tt> | gets the start command for the action <ACT> for <JAIL> | |
<tt>get <JAIL> actionstop <ACT></tt> | gets the stop command for the action <ACT> for <JAIL> | |
<tt>get <JAIL> actioncheck <ACT></tt> | gets the check command for the action <ACT> for <JAIL> | |
<tt>get <JAIL> actionban <ACT></tt> | gets the ban command for the action <ACT> for <JAIL> | |
<tt>get <JAIL> actionunban <ACT></tt> | gets the unban command for the action <ACT> for <JAIL> | |
<tt>get <JAIL> cinfo <ACT> <KEY></tt> | gets the value for <KEY> for the action <ACT> for <JAIL> |