FAIL2BAN-CLIENT(1) User Commands FAIL2BAN-CLIENT(1)
NAME
fail2ban-client - configure and control the server
SYNOPSIS
fail2ban-client [OPTIONS] <COMMAND>
DESCRIPTION
Fail2Ban v1.0.2 reads log file that contains password failure report
and bans the corresponding IP addresses using firewall rules.
OPTIONS
-c, --conf <DIR>
configuration directory
-s, --socket <FILE>
socket path
-p, --pidfile <FILE>
pidfile path
--pname <NAME>
name of the process (main thread) to identify instance (default
fail2ban-server)
--loglevel <LEVEL>
logging level
--logtarget <TARGET>
logging target, use file-name or stdout, stderr, syslog or
sysout.
--syslogsocket auto|<FILE>
-d dump configuration. For debugging
--dp, --dump-pretty
dump the configuration using more human readable representation
-t, --test
test configuration (can be also specified with start parameters)
-i interactive mode
-v increase verbosity
-q decrease verbosity
-x force execution of the server (remove socket file)
-b start server in background (default)
-f start server in foreground
--async
start server in async mode (for internal usage only, don't read
configuration)
--timeout
timeout to wait for the server (for internal usage only, don't
read configuration)
--str2sec <STRING>
convert time abbreviation format to seconds
-h, --help
display this help message
-V, --version
print the version (-V returns machine-readable short format)
COMMAND
BASIC
start starts the server and the jails
restart
restarts the server
restart [--unban] [--if-exists] <JAIL>
restarts the jail <JAIL> (alias for 'reload --restart ...
<JAIL>')
reload [--restart] [--unban] [--all]
reloads the configuration without restarting of the server, the
option '--restart' activates completely restarting of affected
jails, thereby can unban IP addresses (if option '--unban' spec-
ified)
reload [--restart] [--unban] [--if-exists] <JAIL>
reloads the jail <JAIL>, or restarts it (if option '--restart'
specified)
stop stops all jails and terminate the server
unban --all
unbans all IP addresses (in all jails and database)
unban <IP> ... <IP>
unbans <IP> (in all jails and database)
banned return jails with banned IPs as dictionary
banned <IP> ... <IP>]
return list(s) of jails where given IP(s) are banned
status gets the current status of the server
ping tests if the server is alive
echo for internal usage, returns back and outputs a given string
help return this output
version
return the server version
LOGGING
set loglevel <LEVEL>
sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARN-
ING, NOTICE, INFO, DEBUG, TRACEDEBUG, HEAVYDEBUG or correspond-
ing numeric value (50-5)
get loglevel
gets the logging level
set logtarget <TARGET>
sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG,
SYSTEMD-JOURNAL or a file
get logtarget
gets logging target
set syslogsocket auto|<SOCKET>
sets the syslog socket path to auto or <SOCKET>. Only used if
logtarget is SYSLOG
get syslogsocket
gets syslog socket path
flushlogs
flushes the logtarget if a file and reopens it. For log rota-
tion.
DATABASE
set dbfile <FILE>
set the location of fail2ban persistent datastore. Set to "None"
to disable
get dbfile
get the location of fail2ban persistent datastore
set dbmaxmatches <INT>
sets the max number of matches stored in database per ticket
get dbmaxmatches
gets the max number of matches stored in database per ticket
set dbpurgeage <SECONDS>
sets the max age in <SECONDS> that history of bans will be kept
get dbpurgeage
gets the max age in seconds that history of bans will be kept
JAIL CONTROL
add <JAIL> <BACKEND>
creates <JAIL> using <BACKEND>
start <JAIL>
starts the jail <JAIL>
stop <JAIL>
stops the jail <JAIL>. The jail is removed
status <JAIL> [FLAVOR]
gets the current status of <JAIL>, with optional flavor or ex-
tended info
JAIL CONFIGURATION
set <JAIL> idle on|off
sets the idle state of <JAIL>
set <JAIL> ignoreself true|false
allows the ignoring of own IP addresses
set <JAIL> addignoreip <IP>
adds <IP> to the ignore list of <JAIL>
set <JAIL> delignoreip <IP>
removes <IP> from the ignore list of <JAIL>
set <JAIL> ignorecommand <VALUE>
sets ignorecommand of <JAIL>
set <JAIL> ignorecache <VALUE>
sets ignorecache of <JAIL>
set <JAIL> addlogpath <FILE> ['tail']
adds <FILE> to the monitoring list of <JAIL>, optionally start-
ing at the 'tail' of the file (default 'head').
set <JAIL> dellogpath <FILE>
removes <FILE> from the monitoring list of <JAIL>
set <JAIL> logencoding <ENCODING>
sets the <ENCODING> of the log files for <JAIL>
set <JAIL> addjournalmatch <MATCH>
adds <MATCH> to the journal filter of <JAIL>
set <JAIL> deljournalmatch <MATCH>
removes <MATCH> from the journal filter of <JAIL>
set <JAIL> addfailregex <REGEX>
adds the regular expression <REGEX> which must match failures
for <JAIL>
set <JAIL> delfailregex <INDEX>
removes the regular expression at <INDEX> for failregex
set <JAIL> addignoreregex <REGEX>
adds the regular expression <REGEX> which should match pattern
to exclude for <JAIL>
set <JAIL> delignoreregex <INDEX>
removes the regular expression at <INDEX> for ignoreregex
set <JAIL> findtime <TIME>
sets the number of seconds <TIME> for which the filter will look
back for <JAIL>
set <JAIL> bantime <TIME>
sets the number of seconds <TIME> a host will be banned for
<JAIL>
set <JAIL> datepattern <PATTERN>
sets the <PATTERN> used to match date/times for <JAIL>
set <JAIL> usedns <VALUE>
sets the usedns mode for <JAIL>
set <JAIL> attempt <IP> [<failure1> ... <failureN>]
manually notify about <IP> failure
set <JAIL> banip <IP> ... <IP>
manually Ban <IP> for <JAIL>
set <JAIL> unbanip [--report-absent] <IP> ... <IP>
manually Unban <IP> in <JAIL>
set <JAIL> maxretry <RETRY>
sets the number of failures <RETRY> before banning the host for
<JAIL>
set <JAIL> maxmatches <INT>
sets the max number of matches stored in memory per ticket in
<JAIL>
set <JAIL> maxlines <LINES>
sets the number of <LINES> to buffer for regex search for <JAIL>
set <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]
adds a new action named <ACT> for <JAIL>. Optionally for a
Python based action, a <PYTHONFILE> and <JSONKWARGS> can be
specified, else will be a Command Action
set <JAIL> delaction <ACT>
removes the action <ACT> from <JAIL>
COMMAND ACTION CONFIGURATION
set <JAIL> action <ACT> actionstart <CMD>
sets the start command <CMD> of the action <ACT> for <JAIL>
set <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of
the
action <ACT> for <JAIL>
set <JAIL> action <ACT> actioncheck <CMD>
sets the check command <CMD> of the action <ACT> for <JAIL>
set <JAIL> action <ACT> actionban <CMD>
sets the ban command <CMD> of the action <ACT> for <JAIL>
set <JAIL> action <ACT> actionunban <CMD>
sets the unban command <CMD> of the action <ACT> for <JAIL>
set <JAIL> action <ACT> timeout <TIMEOUT>
sets <TIMEOUT> as the command timeout in seconds for the action
<ACT> for <JAIL>
GENERAL ACTION CONFIGURATION
set <JAIL> action <ACT> <PROPERTY> <VALUE>
sets the <VALUE> of <PROPERTY> for the action <ACT> for <JAIL>
set <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]
calls the <METHOD> with <JSONKWARGS> for the action <ACT> for
<JAIL>
JAIL INFORMATION
get <JAIL> banned
return banned IPs of <JAIL>
get <JAIL> banned <IP> ... <IP>]
return 1 if IP is banned in <JAIL> otherwise 0, or a list of 1/0
for multiple IPs
get <JAIL> logpath
gets the list of the monitored files for <JAIL>
get <JAIL> logencoding
gets the encoding of the log files for <JAIL>
get <JAIL> journalmatch
gets the journal filter match for <JAIL>
get <JAIL> ignoreself
gets the current value of the ignoring the own IP addresses
get <JAIL> ignoreip
gets the list of ignored IP addresses for <JAIL>
get <JAIL> ignorecommand
gets ignorecommand of <JAIL>
get <JAIL> failregex
gets the list of regular expressions which matches the failures
for <JAIL>
get <JAIL> ignoreregex
gets the list of regular expressions which matches patterns to
ignore for <JAIL>
get <JAIL> findtime
gets the time for which the filter will look back for failures
for <JAIL>
get <JAIL> bantime
gets the time a host is banned for <JAIL>
get <JAIL> datepattern
gets the pattern used to match date/times for <JAIL>
get <JAIL> usedns
gets the usedns setting for <JAIL>
get <JAIL> banip [<SEP>|--with-time]
gets the list of of banned IP addresses for <JAIL>. Optionally
the separator character ('<SEP>', default is space) or the op-
tion '--with-time' (printing the times of ban) may be specified.
The IPs are ordered by end of ban.
get <JAIL> maxretry
gets the number of failures allowed for <JAIL>
get <JAIL> maxmatches
gets the max number of matches stored in memory per ticket in
<JAIL>
get <JAIL> maxlines
gets the number of lines to buffer for <JAIL>
get <JAIL> actions
gets a list of actions for <JAIL>
COMMAND ACTION INFORMATION
get <JAIL> action <ACT> actionstart
gets the start command for the action <ACT> for <JAIL>
get <JAIL> action <ACT> actionstop
gets the stop command for the action <ACT> for <JAIL>
get <JAIL> action <ACT> actioncheck
gets the check command for the action <ACT> for <JAIL>
get <JAIL> action <ACT> actionban
gets the ban command for the action <ACT> for <JAIL>
get <JAIL> action <ACT> actionunban
gets the unban command for the action <ACT> for <JAIL>
get <JAIL> action <ACT> timeout
gets the command timeout in seconds for the action <ACT> for
<JAIL>
GENERAL ACTION INFORMATION
get <JAIL> actionproperties <ACT>
gets a list of properties for the action <ACT> for <JAIL>
get <JAIL> actionmethods <ACT>
gets a list of methods for the action <ACT> for <JAIL>
get <JAIL> action <ACT> <PROPERTY>
gets the value of <PROPERTY> for the action <ACT> for <JAIL>
FILES
/etc/fail2ban/*
REPORTING BUGS
Report bugs via Debian bug tracking system http://www.debian.org/Bugs/
.
SEE ALSO
fail2ban-server(1) jail.conf(5)
Fail2Ban v1.0.2 November 2022 FAIL2BAN-CLIENT(1)
Generated by dwww version 1.15 on Fri Jun 28 15:43:19 CEST 2024.