New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot unban IP #132

Closed
vsespb opened this Issue Mar 7, 2013 · 10 comments

Comments

Projects
None yet
6 participants
@vsespb

vsespb commented Mar 7, 2013

Fail2Ban 0.8.6 Ubuntu 12.04

Cannot get it to unban single IP

# fail2ban-client status
Status
|- Number of jail:  2
`- Jail list:       ssh, nginx-naxsi
# fail2ban-client -vvv get nginx-naxsi  actionunban 10.0.2.2
DEBUG  Reading /etc/fail2ban/fail2ban
DEBUG  Reading files: ['/etc/fail2ban/fail2ban.conf', '/etc/fail2ban/fail2ban.local']
INFO   Using socket file /var/run/fail2ban/fail2ban.sock
DEBUG  NOK: ()
DEBUG  Beautify (error) KeyError() with ['get', 'nginx-naxsi', 'actionunban', '10.0.2.2']
@kwirk

This comment has been minimized.

Contributor

kwirk commented Mar 7, 2013

@vsespb I think the command you are after is:

fail2ban-client set nginx-naxsi unbanip 10.0.2.2
@vsespb

This comment has been minimized.

vsespb commented Mar 7, 2013

that's version 0.8.6, as I mentioned.

fail2ban-client set nginx-naxsi unbanip 10.0.2.2
Invalid command (no set action or not yet implemented)
@kwirk

This comment has been minimized.

Contributor

kwirk commented Mar 7, 2013

@vsespb Ah... I suspect you are unable to unban with fail2ban 0.8.6. The actionunban command is used to set/get the command which would be execute when unbanning. You could always add the address to the ignoreip for the jail if applicable, or you will have to manually change your firewall, deleting the rule for the IP in question.

@yarikoptic

This comment has been minimized.

Member

yarikoptic commented Mar 7, 2013

thank you @kwirk for the clarifications

as for unbanip -- it is provided since 0.8.8

   * [2d672d1,6288ec2] 'unbanip' command for the client + avoidance of touching
     the log file to take 'banip' or 'unbanip' in effect. Close gh-81, gh-86

Thus closing this report

@yarikoptic yarikoptic closed this Mar 7, 2013

@yarikoptic

This comment has been minimized.

Member

yarikoptic commented Mar 7, 2013

@vsespb on http://www.fail2ban.org/wiki/index.php/Downloads I have added a reference to NeuroDebian as the resource of backport builds of fail2ban, if you decide to try 0.8.8

Cheers

@vsespb

This comment has been minimized.

vsespb commented Mar 7, 2013

Ok. Thanks! Backborts is great idea..

seems I googled for several places where actionunban is advised as way to unban ip

http://www.howtoforge.com/forums/showthread.php?t=51366
http://serverfault.com/questions/285256/how-to-unban-an-ip-properly-with-fail2ban

now I understand those were simply wrong advices.

@yarikoptic

This comment has been minimized.

Member

yarikoptic commented Mar 7, 2013

On Thu, 07 Mar 2013, Victor Efimov wrote:

seems I googled for several places where actionunban is advised as way to
unban ip

[1]http://www.howtoforge.com/forums/showthread.php?t=51366
[2]http://serverfault.com/questions/285256/how-to-unban-an-ip-properly-with-fail2ban

oh yeah -- people are inventive and at times side-effects of incorrect
functioning might even suggest that the desired effects are achieved.
if only they RTFM ;-)

now I understand those were simply wrong advices.

good ;-)

Yaroslav O. Halchenko
http://neuro.debian.net http://www.pymvpa.org http://www.fail2ban.org
Postdoctoral Fellow, Department of Psychological and Brain Sciences
Dartmouth College, 419 Moore Hall, Hinman Box 6207, Hanover, NH 03755
Phone: +1 (603) 646-9834 Fax: +1 (603) 646-1419
WWW: http://www.linkedin.com/in/yarik

@bubluy

This comment has been minimized.

bubluy commented Jul 24, 2013

Sorry to bring up an old thread. I was curious what would be the best way to unban on fail2ban 0.8.6, if we don't want to install backports?

@grooverdan

This comment has been minimized.

Contributor

grooverdan commented Jul 24, 2013

@bubluy you can manually remove the stuff using whatever the unban action is manually. Please use the mailing list for support.

@aseques

This comment has been minimized.

Contributor

aseques commented Apr 22, 2014

Since the people (as me) are still coming for this question, this is the workaround we are using for the recidive plugin

IP=123.123.123.123
cat /var/log/fail2ban.log | grep -v $IP > /tmp/fail2ban.tmp
cp /tmp/fail2ban.tmp /var/log/fail2ban.log
iptables -D  fail2ban-recidive -s $IP -j DROP
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment