Monday, March 21, 2011

Fail2Ban - Reload banned IPs after a restart

Restarting fail2ban drops all of your currently banned IPs from iptables. To reload those banned IPs, try this.

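First, output your currently fail2ban-banned IPs to a text file as iptables commands. The rules are written as insertions at position 1 (-I) rather than appends (-A), so that when replayed they land ahead of the RETURN rule that fail2ban's stock iptables actions place in each chain at startup; that RETURN rule itself is left out of the file:
iptables-save | grep -- '^-A fail2ban' | grep -v -- '-j RETURN$' | sed 's/^-A \([^ ]*\)/iptables -I \1 1/' > bannedIPs.txt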

Stop fail2ban, make your config changes, etc. and restart:
service fail2ban stop
service fail2ban start


Load your iptables commands by piping your saved rules to bash:
cat bannedIPs.txt | /bin/bash
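
Piping a saved file into a root shell runs every line in it, so the following added example (not from the original post) keeps only lines that match the exact shape of a fail2ban ban rule and rewrites them as insertions at position 1. It assumes the stock fail2ban iptables actions (chains named fail2ban-<jail> that end in a RETURN rule); the function names f2b_ban_cmds and sample_dump and the sample data are constructed for illustration.

```bash
# Added example, not from the original post.
# Constructed sample of `iptables-save` output (documentation-range addresses).
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-ssh
-A fail2ban-ssh -s 203.0.113.7/32 -j DROP
-A fail2ban-ssh -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-ssh -s 192.0.2.9/32 -j DROP; echo not-a-rule
-A fail2ban-ssh -j RETURN
COMMIT
EOF
}

# Read iptables-save output on stdin; print one re-ban command per valid rule.
# A line is kept only if the whole line is one of:
#   -A fail2ban-<jail> -s <IPv4>[/mask] -j DROP
#   -A fail2ban-<jail> -s <IPv4>[/mask] -j REJECT [--reject-with <type>]
# Everything else (the RETURN rule, other chains, trailing shell text) is dropped,
# so the resulting file contains nothing but iptables invocations.
f2b_ban_cmds() {
    grep -E '^-A fail2ban-[A-Za-z0-9_-]+ -s ([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})? -j (DROP|REJECT( --reject-with [a-z0-9-]+)?)$' |
        sed -E 's/^-A (fail2ban-[A-Za-z0-9_-]+) /iptables -I \1 1 /'
}

# Demo on the constructed sample; on a real host the input would be `iptables-save`.
sample_dump | f2b_ban_cmds
```

On a live system, redirect the output of `iptables-save | f2b_ban_cmds` to bannedIPs.txt in place of the first step, and read the file before replaying it.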

3 comments:

  1. But does fail2ban know it has to remove a banned IP after a certain time?

  2. Unfortunately not with this method. I'd like to know if you come up with a solution that would!

  3. I published a script here:
    http://www.fail2ban.org/wiki/index.php/Fail2ban:Community_Portal#Question_about_persistent_IP_address_bans_over_restart
    What do you think?


 