Fail2ban
Fail2Ban is a service that automatically blocks failed connection attempts to services running on a node. The remote IP addresses are then usually blacklisted for up to 10 minutes before being allowed again.
Commands
- devops fail2ban start
- Start Fail2ban if stopped
- devops fail2ban stop
- Stop Fail2ban if started
- devops fail2ban reload
- Reload Fail2ban, reload the configuration and perform a graceful restart
- devops fail2ban restart
- Restart Fail2ban, reload the configuration (but kills existing connection)
- devops fail2ban ip ban
-
Ban an IP address to a service (known to fail2ban)
Options
Name Type Description Required ip string IP address of the host to ban Required jail string The service to ban the IP address from - devops fail2ban ip unban
-
Lift a ban from an IP address to a service (known to fail2ban)
Options
Name Type Description Required ip string IP address of the host to unban Required jail string The service to unban the IP address from
Configuration
-
configuration:
- fail2ban:
- ignoreip string
- Space separated list of IP addresses, CIDR masks or DNS hosts for which Fail2ban will never block connection attempts.