NAME¶
fail2ban-client - configure and control the server
SYNOPSIS¶
fail2ban-client [
OPTIONS]
<COMMAND>
DESCRIPTION¶
Fail2Ban v0.8.2 reads log file that contains password failure report and bans
the corresponding IP addresses using firewall rules.
OPTIONS¶
- -c <DIR>
- configuration directory
- -s <FILE>
- socket path
- -d
- dump configuration. For debugging
- -i
- interactive mode
- -v
- increase verbosity
- -q
- decrease verbosity
- -x
- force execution of the server (remove socket file)
- -h, --help
- display this help message
- -V, --version
- print the version
COMMAND¶
- BASIC
- start
- starts the server and the jails
- reload
- reloads the configuration
- reload <JAIL>
- reloads the jail <JAIL>
- stop
- stops all jails and terminate the server
- status
- gets the current status of the server
- ping
- tests if the server is alive
- LOGGING
- set loglevel <LEVEL>
- sets logging level to <LEVEL>. 0 is minimal, 4 is
debug
- get loglevel
- gets the logging level
- set logtarget <TARGET>
- sets logging target to <TARGET>. Can be STDOUT,
STDERR, SYSLOG or a file
- get logtarget
- gets logging target
- JAIL CONTROL
- add <JAIL> <BACKEND>
- creates <JAIL> using <BACKEND>
- start <JAIL>
- starts the jail <JAIL>
- stop <JAIL>
- stops the jail <JAIL>. The jail is removed
- status <JAIL>
- gets the current status of <JAIL>
- JAIL CONFIGURATION
- set <JAIL> idle on|off
- sets the idle state of <JAIL>
- set <JAIL> addignoreip <IP>
- adds <IP> to the ignore list of <JAIL>
- set <JAIL> delignoreip <IP>
- removes <IP> from the ignore list of
<JAIL>
- set <JAIL> addlogpath <FILE>
- adds <FILE> to the monitoring list of
<JAIL>
- set <JAIL> dellogpath <FILE>
- removes <FILE> to the monitoring list of
<JAIL>
- set <JAIL> addfailregex <REGEX>
- adds the regular expression <REGEX> which must match
failures for <JAIL>
- set <JAIL> delfailregex <INDEX>
- removes the regular expression at <INDEX> for
failregex
- set <JAIL> addignoreregex <REGEX>
- adds the regular expression <REGEX> which should
match pattern to exclude for <JAIL>
- set <JAIL> delignoreregex <INDEX>
- removes the regular expression at <INDEX> for
ignoreregex
- set <JAIL> findtime <TIME>
- sets the number of seconds <TIME> for which the
filter will look back for <JAIL>
- set <JAIL> bantime <TIME>
- sets the number of seconds <TIME> a host will be
banned for <JAIL>
- set <JAIL> maxretry <RETRY>
- sets the number of failures <RETRY> before banning
the host for <JAIL>
- set <JAIL> addaction <ACT>
- adds a new action named <NAME> for <JAIL>
- set <JAIL> delaction <ACT>
- removes the action <NAME> from <JAIL>
- set <JAIL> setcinfo <ACT> <KEY>
<VALUE>
- sets <VALUE> for <KEY> of the action
<NAME> for <JAIL>
- set <JAIL> delcinfo <ACT>
<KEY>
- removes <KEY> for the action <NAME> for
<JAIL>
- set <JAIL> actionstart <ACT>
<CMD>
- sets the start command <CMD> of the action
<ACT> for <JAIL>
- set <JAIL> actionstop <ACT>
<CMD>
- sets the stop command <CMD> of the action <ACT>
for <JAIL>
- set <JAIL> actioncheck <ACT>
<CMD>
- sets the check command <CMD> of the action
<ACT> for <JAIL>
- set <JAIL> actionban <ACT>
<CMD>
- sets the ban command <CMD> of the action <ACT>
for <JAIL>
- set <JAIL> actionunban <ACT>
<CMD>
- sets the unban command <CMD> of the action
<ACT> for <JAIL>
- JAIL INFORMATION
- get <JAIL> logpath
- gets the list of the monitored files for <JAIL>
- get <JAIL> ignoreip
- gets the list of ignored IP addresses for <JAIL>
- get <JAIL> timeregex
- gets the regular expression used for the time detection for
<JAIL>
- get <JAIL> timepattern
- gets the pattern used for the time detection for
<JAIL>
- get <JAIL> failregex
- gets the list of regular expressions which matches the
failures for <JAIL>
- get <JAIL> ignoreregex
- gets the list of regular expressions which matches patterns
to ignore for <JAIL>
- get <JAIL> findtime
- gets the time for which the filter will look back for
failures for <JAIL>
- get <JAIL> bantime
- gets the time a host is banned for <JAIL>
- get <JAIL> maxretry
- gets the number of failures allowed for <JAIL>
- get <JAIL> addaction
- gets the last action which has been added for
<JAIL>
- get <JAIL> actionstart <ACT>
- gets the start command for the action <ACT> for
<JAIL>
- get <JAIL> actionstop <ACT>
- gets the stop command for the action <ACT> for
<JAIL>
- get <JAIL> actioncheck <ACT>
- gets the check command for the action <ACT> for
<JAIL>
- get <JAIL> actionban <ACT>
- gets the ban command for the action <ACT> for
<JAIL>
- get <JAIL> actionunban <ACT>
- gets the unban command for the action <ACT> for
<JAIL>
FILES¶
/etc/fail2ban/*
AUTHOR¶
Written by Cyril Jaquier <cyril.jaquier@fail2ban.org>. Many contributions
by Yaroslav O. Halchenko <debian@onerussian.com>.
REPORTING BUGS¶
Please report bugs via Debian bug tracking system
http://www.debian.org/Bugs/.
COPYRIGHT¶
Copyright © 2004-2008 Cyril Jaquier
Copyright of modifications held by their respective authors. Licensed under the
GNU General Public License v2 (GPL).
SEE ALSO¶
fail2ban-server(1)