Security

fail2ban CLI

fail2ban commands for intrusion prevention and ban management.

32 commands

Windows MacOS Linux

#intrusion-prevention #security

Download PDF

Service Control

Start the fail2ban service

sudo systemctl start fail2ban

Stop the fail2ban service

sudo systemctl stop fail2ban

Restart fail2ban to apply changes

sudo systemctl restart fail2ban

Check fail2ban service status

sudo systemctl status fail2ban

Test if fail2ban server is alive

sudo fail2ban-client ping

Reload configuration without restart

sudo fail2ban-client reload

Jail Management

List all active jails

sudo fail2ban-client status

Start a specific jail

sudo fail2ban-client start sshd

Stop a specific jail

sudo fail2ban-client stop sshd

Reload configuration for a jail

sudo fail2ban-client reload sshd

Add a new jail at runtime

sudo fail2ban-client add sshd

Get max retry value for a jail

sudo fail2ban-client get sshd maxretry

Set ban time to 1 hour for a jail

sudo fail2ban-client set sshd bantime 3600

Ban Management

Manually ban an IP address

sudo fail2ban-client set sshd banip 192.168.1.100

Unban a specific IP address

sudo fail2ban-client set sshd unbanip 192.168.1.100

List all currently banned IPs

sudo fail2ban-client get sshd banned

Unban all IPs across all jails

sudo fail2ban-client unban --all

Unban an IP from all jails

sudo fail2ban-client unban 192.168.1.100

Status

Show detailed status of a jail

sudo fail2ban-client status sshd

Get the current ban duration

sudo fail2ban-client get sshd bantime

Get the failure counting window

sudo fail2ban-client get sshd findtime

Get the max failures before ban

sudo fail2ban-client get sshd maxretry

List actions configured for a jail

sudo fail2ban-client get sshd actions

Show the failure regex patterns

sudo fail2ban-client get sshd failregex

Configuration

Show the database file location

sudo fail2ban-client get dbfile

Show the current log level

sudo fail2ban-client get loglevel

Set the log level to INFO

sudo fail2ban-client set loglevel INFO

Show the log target path

sudo fail2ban-client get logtarget

Test a regex against a log file

sudo fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf

Quick Commands

Show detailed status of the sshd jail including banned IPs

sudo fail2ban-client status sshd

Unban a specific IP address from the sshd jail

sudo fail2ban-client set sshd unbanip 192.168.1.100

Reload all fail2ban configuration without restarting the service

sudo fail2ban-client reload

Back to Cheatsheets Download PDF