Commands
From Fail2ban
Revision as of 00:55, 16 December 2006 by Lostcontrol (Talk | contribs)
The commands presented above can be executed using:
$ fail2ban-client <COMMAND>
or by typing them in the interactive console available with:
$ fail2ban-client -i
Basic
| Command | Description | |
| start | starts the server and the jails | |
| reload | reloads the configuration | |
| stop | stops all jails and terminate the server | |
| status | gets the current status of the server | |
| ping | tests if the server is alive |
Logging
| Command | Description | |
| set loglevel <LEVEL> | sets logging level to <LEVEL>. 0 is minimal, 4 is debug | |
| get loglevel | gets the logging level | |
| set logtarget <TARGET> | sets logging target to <TARGET>. Can be STDOUT, STDERR, SYSLOG or a file | |
| get logtarget | gets logging target |
Jail control
| Command | Description | |
| add <JAIL> <BACKEND> | creates <JAIL> using <BACKEND> | |
| start <JAIL> | starts the jail <JAIL> | |
| stop <JAIL> | stops the jail <JAIL>. The jail is removed | |
| status <JAIL> | gets the current status of <JAIL> |
Jail configuration
| Command | Description | |
| off | sets the idle state of <JAIL> | |
| set <JAIL> addignoreip <IP> | adds <IP> to the ignore list of <JAIL> | |
| set <JAIL> delignoreip <IP> | removes <IP> from the ignore list of <JAIL> | |
| set <JAIL> addlogpath <FILE> | adds <FILE> to the monitoring list of <JAIL> | |
| set <JAIL> dellogpath <FILE> | removes <FILE> to the monitoring list of <JAIL> | |
| set <JAIL> timeregex <REGEX> | sets the regular expression <REGEX> to match the date format for <JAIL>. This will disable the autodetection feature. | |
| set <JAIL> timepattern <PATTERN> | sets the pattern <PATTERN> to match the date format for <JAIL>. This will disable the autodetection feature. | |
| set <JAIL> failregex <REGEX> | sets the regular expression <REGEX> which must match failures for <JAIL> | |
| set <JAIL> ignoreregex <REGEX> | sets the regular expression <REGEX> which should match pattern to exclude for <JAIL> | |
| set <JAIL> findtime | sets the number of seconds <TIME> for which the filter will look back for <JAIL> | |
| <tt>set <JAIL> bantime <TIME></tt> | sets the number of seconds <TIME> a host will be banned for <JAIL> | |
| <tt>set <JAIL> maxretry <RETRY></tt> | sets the number of failures <RETRY> before banning the host for <JAIL> | |
| <tt>set <JAIL> addaction <ACT></tt> | adds a new action named <NAME> for <JAIL> | |
| <tt>set <JAIL> delaction <ACT></tt> | removes the action <NAME> from <JAIL> | |
| <tt>set <JAIL> setcinfo <ACT> <KEY> <VALUE></tt> | sets <VALUE> for <KEY> of the action <NAME> for <JAIL> | |
| <tt>set <JAIL> delcinfo <ACT> <KEY></tt> | removes <KEY> for the action <NAME> for <JAIL> | |
| <tt>set <JAIL> actionstart <ACT> <CMD></tt> | sets the start command <CMD> of the action <ACT> for <JAIL> | |
| <tt>set <JAIL> actionstop <ACT> <CMD></tt> | sets the stop command <CMD> of the action <ACT> for <JAIL> | |
| <tt>set <JAIL> actioncheck <ACT> <CMD></tt> | sets the check command <CMD> of the action <ACT> for <JAIL> | |
| <tt>set <JAIL> actionban <ACT> <CMD></tt> | sets the ban command <CMD> of the action <ACT> for <JAIL> | |
| <tt>set <JAIL> actionunban <ACT> <CMD></tt> | sets the unban command <CMD> of the action <ACT> for <JAIL> |
Jail information
| Command | Description | |
| <tt>get <JAIL> logpath</tt> | gets the list of the monitored files for <JAIL> | |
| <tt>get <JAIL> ignoreip</tt> | gets the list of ignored IP addresses for <JAIL> | |
| <tt>get <JAIL> timeregex</tt> | gets the regular expression used for the time detection for <JAIL> | |
| <tt>get <JAIL> timepattern</tt> | gets the pattern used for the time detection for <JAIL> | |
| <tt>get <JAIL> failregex</tt> | gets the regular expression which matches the failures for <JAIL> | |
| <tt>get <JAIL> ignoreregex</tt> | gets the regular expression which matches patterns to ignore for <JAIL> | |
| <tt>get <JAIL> findtime</tt> | gets the time for which the filter will look back for failures for <JAIL> | |
| <tt>get <JAIL> bantime</tt> | gets the time a host is banned for <JAIL> | |
| <tt>get <JAIL> maxretry</tt> | gets the number of failures allowed for <JAIL> | |
| <tt>get <JAIL> addaction</tt> | gets the last action which has been added for <JAIL> | |
| <tt>get <JAIL> actionstart <ACT></tt> | gets the start command for the action <ACT> for <JAIL> | |
| <tt>get <JAIL> actionstop <ACT></tt> | gets the stop command for the action <ACT> for <JAIL> | |
| <tt>get <JAIL> actioncheck <ACT></tt> | gets the check command for the action <ACT> for <JAIL> | |
| <tt>get <JAIL> actionban <ACT></tt> | gets the ban command for the action <ACT> for <JAIL> | |
| <tt>get <JAIL> actionunban <ACT></tt> | gets the unban command for the action <ACT> for <JAIL> |
