SYNOPSIS

fail2ban-client [OPTIONS] <COMMAND>

DESCRIPTION

Fail2Ban v0.8.13 reads log file that contains password failure report and bans the corresponding IP addresses using firewall rules.

OPTIONS

-c <DIR>

configuration directory

-s <FILE>

socket path

-p <FILE>

pidfile path

-d

dump configuration. For debugging

-i

interactive mode

-v

increase verbosity

-q

decrease verbosity

-x

force execution of the server (remove socket file)

-h, --help

display this help message

-V, --version

print the version

COMMAND

  • BASIC

start

starts the server and the jails

reload

reloads the configuration

reload <JAIL>

reloads the jail <JAIL>

stop

stops all jails and terminate the server

status

gets the current status of the server

ping

tests if the server is alive

help

return this output

  • LOGGING

set loglevel <LEVEL>

sets logging level to <LEVEL>. 0 is minimal, 4 is debug

get loglevel

gets the logging level

set logtarget <TARGET>

sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file

get logtarget

gets logging target

flushlogs

flushes the logtarget if a file and reopens it. For log rotation.

  • JAIL CONTROL

add <JAIL> <BACKEND>

creates <JAIL> using <BACKEND>

start <JAIL>

starts the jail <JAIL>

stop <JAIL>

stops the jail <JAIL>. The jail is removed

status <JAIL>

gets the current status of <JAIL>

  • JAIL CONFIGURATION

set <JAIL> idle on|off

sets the idle state of <JAIL>

set <JAIL> addignoreip <IP>

adds <IP> to the ignore list of <JAIL>

set <JAIL> delignoreip <IP>

removes <IP> from the ignore list of <JAIL>

set <JAIL> addlogpath <FILE>

adds <FILE> to the monitoring list of <JAIL>

set <JAIL> dellogpath <FILE>

removes <FILE> from the monitoring list of <JAIL>

set <JAIL> addfailregex <REGEX>

adds the regular expression <REGEX> which must match failures for <JAIL>

set <JAIL> delfailregex <INDEX>

removes the regular expression at <INDEX> for failregex

set <JAIL> ignorecommand <VALUE>

sets ignorecommand of <JAIL>

set <JAIL> addignoreregex <REGEX>

adds the regular expression <REGEX> which should match pattern to exclude for <JAIL>

set <JAIL> delignoreregex <INDEX>

removes the regular expression at <INDEX> for ignoreregex

set <JAIL> findtime <TIME>

sets the number of seconds <TIME> for which the filter will look back for <JAIL>

set <JAIL> bantime <TIME>

sets the number of seconds <TIME> a host will be banned for <JAIL>

set <JAIL> usedns <VALUE>

sets the usedns mode for <JAIL>

set <JAIL> banip <IP>

manually Ban <IP> for <JAIL>

set <JAIL> unbanip <IP>

manually Unban <IP> in <JAIL>

set <JAIL> maxretry <RETRY>

sets the number of failures <RETRY> before banning the host for <JAIL>

set <JAIL> addaction <ACT>

adds a new action named <NAME> for <JAIL>

set <JAIL> delaction <ACT>

removes the action <NAME> from <JAIL>

set <JAIL> setcinfo <ACT> <KEY> <VALUE>

sets <VALUE> for <KEY> of the action <NAME> for <JAIL>

set <JAIL> delcinfo <ACT> <KEY>

removes <KEY> for the action <NAME> for <JAIL>

set <JAIL> actionstart <ACT> <CMD>

sets the start command <CMD> of the action <ACT> for <JAIL>

set <JAIL> actionstop <ACT> <CMD>

sets the stop command <CMD> of the action <ACT> for <JAIL>

set <JAIL> actioncheck <ACT> <CMD>

sets the check command <CMD> of the action <ACT> for <JAIL>

set <JAIL> actionban <ACT> <CMD>

sets the ban command <CMD> of the action <ACT> for <JAIL>

set <JAIL> actionunban <ACT> <CMD>

sets the unban command <CMD> of the action <ACT> for <JAIL>

  • JAIL INFORMATION

get <JAIL> logpath

gets the list of the monitored files for <JAIL>

get <JAIL> ignoreip

gets the list of ignored IP addresses for <JAIL>

get <JAIL> ignorecommand

gets ignorecommand of <JAIL>

get <JAIL> failregex

gets the list of regular expressions which matches the failures for <JAIL>

get <JAIL> ignoreregex

gets the list of regular expressions which matches patterns to ignore for <JAIL>

get <JAIL> findtime

gets the time for which the filter will look back for failures for <JAIL>

get <JAIL> bantime

gets the time a host is banned for <JAIL>

get <JAIL> usedns

gets the usedns setting for <JAIL>

get <JAIL> maxretry

gets the number of failures allowed for <JAIL>

get <JAIL> addaction

gets the last action which has been added for <JAIL>

get <JAIL> actionstart <ACT>

gets the start command for the action <ACT> for <JAIL>

get <JAIL> actionstop <ACT>

gets the stop command for the action <ACT> for <JAIL>

get <JAIL> actioncheck <ACT>

gets the check command for the action <ACT> for <JAIL>

get <JAIL> actionban <ACT>

gets the ban command for the action <ACT> for <JAIL>

get <JAIL> actionunban <ACT>

gets the unban command for the action <ACT> for <JAIL>

get <JAIL> cinfo <ACT> <KEY>

gets the value for <KEY> for the action <ACT> for <JAIL>

FILES

/etc/fail2ban/*

AUTHOR

Written by Cyril Jaquier <[email protected]>. Many contributions by Yaroslav O. Halchenko <[email protected]>.

REPORTING BUGS

Report bugs via Debian bug tracking system http://www.debian.org/Bugs/ .

COPYRIGHT

Copyright © 2004-2008 Cyril Jaquier, 2008- Fail2Ban Contributors

Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL).

RELATED TO fail2ban-client…

fail2ban-server(1) jail.conf(5)