====== Fail2ban ======
Firstly I recommend to read the documentation (man fail2ban) and the comments in the configuration files.
Installation manual can be found on [[http://wiki.gentoo.org/wiki/Fail2ban | Gentoo Wiki]].
To view status of the Fail2ban server just put
$ fail2ban-client status
Status
|- Number of jail: 25
`- Jail list: php-url-fopen, nginx-login, pure-ftpd, solid-pop3d, nginx-noscript, postfix-tcpwrapper, squid, nsd, nginx-proxy, nginx-auth, nginx-badbots, dovecot-auth, lighttpd-auth, recidive, ssh-iptables, sendmail-auth, ssh-ddos, lighttpd-fastcgi, ssh-blocklist, ejabberd-auth, perdition, dovecot, nginx-http-auth, sendmail-reject, named-refused-tcp
To view status of any jail put
$ fail2ban-client status ssh-ddos # or any jail name
Status for the jail: ssh-ddos
|- filter
| |- File list: /var/log/messages
| |- Currently failed: 0
| `- Total failed: 0
`- action
|- Currently banned: 0
| `- IP list:
`- Total banned: 0
To view all current rules put
$ iptables -L -n
fail2ban-lighttpd-fastcgi tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
...
Chain fail2ban-nginx-noscript (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
To unban any IP from specific Jail until the next Fail2ban daemon restart:
iptables -D fail2ban-recidive -s 111.222.333.444 -j REJECT