1FAIL2BAN-CLIENT(1) User Commands FAIL2BAN-CLIENT(1)
2
6 fail2ban-client - configure and control the server
7
9 fail2ban-client [OPTIONS] <COMMAND>
10
12 Fail2Ban v0.11.2 reads log file that contains password failure report
13 and bans the corresponding IP addresses using firewall rules.
14
16 -c, --conf <DIR>
17 configuration directory
18 -s, --socket <FILE>
20 socket path
21 -p, --pidfile <FILE>
23 pidfile path
24 --pname <NAME>
26 name of the process (main thread) to identify instance (default
27 fail2ban-server)
28 --loglevel <LEVEL>
30 logging level
31 --logtarget <TARGET>
33 logging target, use file-name or stdout, stderr, syslog or
34 sysout.
35 --syslogsocket auto|<FILE>
37 -d dump configuration. For debugging
39 --dp, --dump-pretty
41 dump the configuration using more human readable representation
42 -t, --test
44 test configuration (can be also specified with start parameters)
45 -i interactive mode
47 -v increase verbosity
49 -q decrease verbosity
51 -x force execution of the server (remove socket file)
53 -b start server in background (default)
55 -f start server in foreground
57 --async
59 start server in async mode (for internal usage only, don't read
60 configuration)
61 --timeout
63 timeout to wait for the server (for internal usage only, don't
64 read configuration)
65 --str2sec <STRING>
67 convert time abbreviation format to seconds
68 -h, --help
70 display this help message
71 -V, --version
73 print the version (-V returns machine-readable short format)
74
76 BASIC
77 start starts the server and the jails
79 restart
81 restarts the server
82 restart [--unban] [--if-exists] <JAIL>
84 restarts the jail <JAIL> (alias for 'reload --restart ...
85 <JAIL>')
86 reload [--restart] [--unban] [--all]
88 reloads the configuration without restarting of the server, the
89 option '--restart' activates completely restarting of affected
90 jails, thereby can unban IP addresses (if option '--unban' spec‐
91 ified)
92 reload [--restart] [--unban] [--if-exists] <JAIL>
94 reloads the jail <JAIL>, or restarts it (if option '--restart'
95 specified)
96 stop stops all jails and terminate the server
98 unban --all
100 unbans all IP addresses (in all jails and database)
101 unban <IP> ... <IP>
103 unbans <IP> (in all jails and database)
104 banned return jails with banned IPs as dictionary
106 banned <IP> ... <IP>]
108 return list(s) of jails where given IP(s) are banned
109 status gets the current status of the server
111 ping tests if the server is alive
113 echo for internal usage, returns back and outputs a given string
115 help return this output
117 version
119 return the server version
120 LOGGING
122 set loglevel <LEVEL>
124 sets logging level to <LEVEL>. Levels: CRITICAL, ERROR, WARN‐
125 ING, NOTICE, INFO, DEBUG, TRACEDEBUG, HEAVYDEBUG or correspond‐
126 ing numeric value (50-5)
127 get loglevel
129 gets the logging level
130 set logtarget <TARGET>
132 sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG
133 or a file
134 get logtarget
136 gets logging target
137 set syslogsocket auto|<SOCKET>
139 sets the syslog socket path to auto or <SOCKET>. Only used if
140 logtarget is SYSLOG
141 get syslogsocket
143 gets syslog socket path
144 flushlogs
146 flushes the logtarget if a file and reopens it. For log rota‐
147 tion.
148 DATABASE
150 set dbfile <FILE>
152 set the location of fail2ban persistent datastore. Set to "None"
153 to disable
154 get dbfile
156 get the location of fail2ban persistent datastore
157 set dbmaxmatches <INT>
159 sets the max number of matches stored in database per ticket
160 get dbmaxmatches
162 gets the max number of matches stored in database per ticket
163 set dbpurgeage <SECONDS>
165 sets the max age in <SECONDS> that history of bans will be kept
166 get dbpurgeage
168 gets the max age in seconds that history of bans will be kept
169 JAIL CONTROL
171 add <JAIL> <BACKEND>
173 creates <JAIL> using <BACKEND>
174 start <JAIL>
176 starts the jail <JAIL>
177 stop <JAIL>
179 stops the jail <JAIL>. The jail is removed
180 status <JAIL> [FLAVOR]
182 gets the current status of <JAIL>, with optional flavor or
183 extended info
184 JAIL CONFIGURATION
186 set <JAIL> idle on|off
188 sets the idle state of <JAIL>
189 set <JAIL> ignoreself true|false
191 allows the ignoring of own IP addresses
192 set <JAIL> addignoreip <IP>
194 adds <IP> to the ignore list of <JAIL>
195 set <JAIL> delignoreip <IP>
197 removes <IP> from the ignore list of <JAIL>
198 set <JAIL> ignorecommand <VALUE>
200 sets ignorecommand of <JAIL>
201 set <JAIL> ignorecache <VALUE>
203 sets ignorecache of <JAIL>
204 set <JAIL> addlogpath <FILE> ['tail']
206 adds <FILE> to the monitoring list of <JAIL>, optionally start‐
207 ing at the 'tail' of the file (default 'head').
208 set <JAIL> dellogpath <FILE>
210 removes <FILE> from the monitoring list of <JAIL>
211 set <JAIL> logencoding <ENCODING>
213 sets the <ENCODING> of the log files for <JAIL>
214 set <JAIL> addjournalmatch <MATCH>
216 adds <MATCH> to the journal filter of <JAIL>
217 set <JAIL> deljournalmatch <MATCH>
219 removes <MATCH> from the journal filter of <JAIL>
220 set <JAIL> addfailregex <REGEX>
222 adds the regular expression <REGEX> which must match failures
223 for <JAIL>
224 set <JAIL> delfailregex <INDEX>
226 removes the regular expression at <INDEX> for failregex
227 set <JAIL> addignoreregex <REGEX>
229 adds the regular expression <REGEX> which should match pattern
230 to exclude for <JAIL>
231 set <JAIL> delignoreregex <INDEX>
233 removes the regular expression at <INDEX> for ignoreregex
234 set <JAIL> findtime <TIME>
236 sets the number of seconds <TIME> for which the filter will look
237 back for <JAIL>
238 set <JAIL> bantime <TIME>
240 sets the number of seconds <TIME> a host will be banned for
241 <JAIL>
242 set <JAIL> datepattern <PATTERN>
244 sets the <PATTERN> used to match date/times for <JAIL>
245 set <JAIL> usedns <VALUE>
247 sets the usedns mode for <JAIL>
248 set <JAIL> attempt <IP> [<failure1> ... <failureN>]
250 manually notify about <IP> failure
251 set <JAIL> banip <IP> ... <IP>
253 manually Ban <IP> for <JAIL>
254 set <JAIL> unbanip [--report-absent] <IP> ... <IP>
256 manually Unban <IP> in <JAIL>
257 set <JAIL> maxretry <RETRY>
259 sets the number of failures <RETRY> before banning the host for
260 <JAIL>
261 set <JAIL> maxmatches <INT>
263 sets the max number of matches stored in memory per ticket in
264 <JAIL>
265 set <JAIL> maxlines <LINES>
267 sets the number of <LINES> to buffer for regex search for <JAIL>
268 set <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]
270 adds a new action named <ACT> for <JAIL>. Optionally for a
271 Python based action, a <PYTHONFILE> and <JSONKWARGS> can be
272 specified, else will be a Command Action
273 set <JAIL> delaction <ACT>
275 removes the action <ACT> from <JAIL>
276 COMMAND ACTION CONFIGURATION
278 set <JAIL> action <ACT> actionstart <CMD>
280 sets the start command <CMD> of the action <ACT> for <JAIL>
281 set <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of
283 the
284 action <ACT> for <JAIL>
285 set <JAIL> action <ACT> actioncheck <CMD>
287 sets the check command <CMD> of the action <ACT> for <JAIL>
288 set <JAIL> action <ACT> actionban <CMD>
290 sets the ban command <CMD> of the action <ACT> for <JAIL>
291 set <JAIL> action <ACT> actionunban <CMD>
293 sets the unban command <CMD> of the action <ACT> for <JAIL>
294 set <JAIL> action <ACT> timeout <TIMEOUT>
296 sets <TIMEOUT> as the command timeout in seconds for the action
297 <ACT> for <JAIL>
298 GENERAL ACTION CONFIGURATION
300 set <JAIL> action <ACT> <PROPERTY> <VALUE>
302 sets the <VALUE> of <PROPERTY> for the action <ACT> for <JAIL>
303 set <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]
305 calls the <METHOD> with <JSONKWARGS> for the action <ACT> for
306 <JAIL>
307 JAIL INFORMATION
309 get <JAIL> banned
311 return banned IPs of <JAIL>
312 get <JAIL> banned <IP> ... <IP>]
314 return 1 if IP is banned in <JAIL> otherwise 0, or a list of 1/0
315 for multiple IPs
316 get <JAIL> logpath
318 gets the list of the monitored files for <JAIL>
319 get <JAIL> logencoding
321 gets the encoding of the log files for <JAIL>
322 get <JAIL> journalmatch
324 gets the journal filter match for <JAIL>
325 get <JAIL> ignoreself
327 gets the current value of the ignoring the own IP addresses
328 get <JAIL> ignoreip
330 gets the list of ignored IP addresses for <JAIL>
331 get <JAIL> ignorecommand
333 gets ignorecommand of <JAIL>
334 get <JAIL> failregex
336 gets the list of regular expressions which matches the failures
337 for <JAIL>
338 get <JAIL> ignoreregex
340 gets the list of regular expressions which matches patterns to
341 ignore for <JAIL>
342 get <JAIL> findtime
344 gets the time for which the filter will look back for failures
345 for <JAIL>
346 get <JAIL> bantime
348 gets the time a host is banned for <JAIL>
349 get <JAIL> datepattern
351 gets the patern used to match date/times for <JAIL>
352 get <JAIL> usedns
354 gets the usedns setting for <JAIL>
355 get <JAIL> banip [<SEP>|--with-time]
357 gets the list of of banned IP addresses for <JAIL>. Optionally
358 the separator character ('<SEP>', default is space) or the
359 option '--with-time' (printing the times of ban) may be speci‐
360 fied. The IPs are ordered by end of ban.
361 get <JAIL> maxretry
363 gets the number of failures allowed for <JAIL>
364 get <JAIL> maxmatches
366 gets the max number of matches stored in memory per ticket in
367 <JAIL>
368 get <JAIL> maxlines
370 gets the number of lines to buffer for <JAIL>
371 get <JAIL> actions
373 gets a list of actions for <JAIL>
374 COMMAND ACTION INFORMATION
376 get <JAIL> action <ACT> actionstart
378 gets the start command for the action <ACT> for <JAIL>
379 get <JAIL> action <ACT> actionstop
381 gets the stop command for the action <ACT> for <JAIL>
382 get <JAIL> action <ACT> actioncheck
384 gets the check command for the action <ACT> for <JAIL>
385 get <JAIL> action <ACT> actionban
387 gets the ban command for the action <ACT> for <JAIL>
388 get <JAIL> action <ACT> actionunban
390 gets the unban command for the action <ACT> for <JAIL>
391 get <JAIL> action <ACT> timeout
393 gets the command timeout in seconds for the action <ACT> for
394 <JAIL>
395 GENERAL ACTION INFORMATION
397 get <JAIL> actionproperties <ACT>
399 gets a list of properties for the action <ACT> for <JAIL>
400 get <JAIL> actionmethods <ACT>
402 gets a list of methods for the action <ACT> for <JAIL>
403 get <JAIL> action <ACT> <PROPERTY>
405 gets the value of <PROPERTY> for the action <ACT> for <JAIL>
406
408 /etc/fail2ban/*
409
411 Report bugs to https://github.com/fail2ban/fail2ban/issues
412
414 fail2ban-server(1) jail.conf(5)
415fail2ban-client v0.11.2 November 2020 FAIL2BAN-CLIENT(1)