doc/fail2ban.md
vpellarrey ade0bf132f * 1rst pass - French localization
- Addition of french files
- Traduction of existing incomplete french file based on english and subject comprehension
- Correction of found link reference using _en suffix
- deletion of duplicate file
2015-05-20 12:39:51 +02:00

2.2 KiB

Fail2ban

For a number of reasons, an IP adresse may be wrongly blacklisted. If you wish to access your server through this specifi IP you will need to unblock it.

IP unblock

First, list all iptables rules with : iptables -L --line-numbers :

root@beudi:~# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    fail2ban-yunohost  tcp  --  anywhere             anywhere             multiport dports http,https
2    fail2ban-nginx  tcp  --  anywhere             anywhere             multiport dports http,https
3    fail2ban-dovecot  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
4    fail2ban-sasl  tcp  --  anywhere             anywhere             multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
5    fail2ban-ssh  tcp  --  anywhere             anywhere             multiport dports ssh

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

Chain fail2ban-dovecot (1 references)
num  target     prot opt source               destination         
1    RETURN     all  --  anywhere             anywhere            

Chain fail2ban-nginx (1 references)
num  target     prot opt source               destination         
1    RETURN     all  --  anywhere             anywhere            

Chain fail2ban-sasl (1 references)
num  target     prot opt source               destination         
1    RETURN     all  --  anywhere             anywhere            

Chain fail2ban-ssh (1 references)
num  target     prot opt source               destination         
1    RETURN     all  --  anywhere             anywhere            

Chain fail2ban-yunohost (1 references)
num  target     prot opt source               destination         
1    DROP       all  --  80.215.197.201       anywhere            
2    RETURN     all  --  anywhere             anywhere 

Here, Ip adress 80.215.197.201 is banned in the fail2ban-yunohost rule. To unblock:

iptables -D rule_name entry_number

For example :

iptables -D fail2ban-yunohost 1