The “fail2ban” is a utility that helps protect Linux servers from brute-force attacks by blocking the IP addresses. It works by monitoring log files for failed login attempts and then using firewall rules to block the IP address of the client that made the attempts.
The aim of this tutorial is to provide various ways to unban an IP in fail2ban. The supported content of this guide is as follows:
- Prerequisite: Install fail2ban on Linux
- Unban an IP Address
- Check the Ban IP Addresses
- Unban the IP Address from a fail2ban Jail
Let’s start the article with the installation of fail2ban.
Prerequisite: Install fail2ban on Linux
To use fail2ban, you will need to install it on your Linux server and then configure it to monitor the log files you want to protect. To install the fail2ban in linux distributions, follow the below script for “Ubuntu”, “CentOS”, and “Fedora”:
$ sudo apt install fail2ban #Debian/Ubuntu-based
$ sudo yum install fail2ban #CentOS
$ sudo dnf install fail2ban #Fedora
How to Unban an IP in fail2ban?
In the context of fail2ban, a “jail” is a specific set of rules and actions that Fail2ban applies to incoming traffic to a particular service or network.
In this section, the fail2ban utility is used to check and unban the banned IP address.
Check the Ban IP Addresses
To identify the specific IP address which is banned in the system, the “fail2ban-client” command is used with the “status” option over the “sshd”. For instance, execute the script with the “sudo” privilege:
$ sudo fail2ban-client status sshd
The output shows that the IP address “192.168.188.172” is banned from the IP list.
Example 1: Unban an IP Address From All Jails
To unban an IP address that fail2ban has banned, you can use the fail2ban-client command-line tool. Run the following command to unban the IP address from all fail2ban jails:
$ sudo fail2ban-client unban 192.168.188.172
The output shows that the specified IP address has been unbanned.
Example 2: Unban the IP Address From a fail2ban Jail
If you want to unban the IP address from a specific “fail2ban” jail, you can use the unban command with the -j option by specifying the banned IP address:
$ sudo fail2ban-client set sshd unbanip 192.168.188.172
The output confirms that “192.168.188.172” has been unbanned in the system.
That is all from the guide to unbanning an IP in fail2ban.
Conclusion
To unban an IP in fail2ban, the “fail2ban-client” utility is used by specifying the banned IP Address in IP List. It is useful for protecting servers against unauthorized access (preventing attackers from guessing passwords by repeatedly trying different combinations). This guide has explained various methods to unban an IP in fail2ban.
