fail2ban bans IP address of attackers it gathers from service logs (Apache, postfix, etc). It has a command line utility to start/stop fail2ban, plus getting status reports, etc. But it didn’t have a command to manually add a banned IP for a certain jail. This patch adds that functionality. I’ve sent it to Cyril today (Apr 10, 2009), but I’m posting it here cause I never got a response from Cyril on other matters, so I’m not sure if he’s getting my messages
fail2ban-client set ssh-iptables banip 126.96.36.199
Hope it’s useful for you!
- Proactive protection enhancements for fail2ban – Part 1
- Fail2ban rules for lighttpd fastcgi alerts
- I’m now a fail2ban developer :D
- Anulando la inyeccion de RST en Bittorrent
- Fail2ban filter for PHP Injection attacks