# cat /var/log/fail2ban.log
2021-10-22 10:31:37,511 fail2ban.actions [12191]: NOTICE [dovecot] Restore Ban 66.131.38.234
2021-10-22 10:39:51,591 fail2ban.filter [12191]: INFO [dovecot] Found 10.0.0.1 - 2021-10-22 10:39:51
2021-10-22 10:40:03,245 fail2ban.filter [12191]: INFO [dovecot] Found 10.0.0.1 - 2021-10-22 10:40:03
2021-10-22 10:40:03,247 fail2ban.filter [12191]: INFO [dovecot] Found 10.0.0.1 - 2021-10-22 10:40:03
2021-10-22 10:40:03,286 fail2ban.actions [12191]: NOTICE [dovecot] Ban 10.0.0.1
10.0.0.1 là ip của router đang dùng. Không hiểu anh này làm gì đó em dovecot mà bị ban? Điều này thấy rõ qua câu lệnh
# fail2ban-client status dovecot
Status for the jail: dovecot
|- Filter
| |- Currently failed: 0
| |- Total failed: 3
| `- File list: /var/log/mail.log
`- Actions
|- Currently banned: 2
|- Total banned: 2
`- Banned IP list: 66.131.38.234 10.0.0.1
Để unban một ip, chúng ta phải biết ip đó gây lỗi với ứng dụng nào (eg. dovecot)
# fail2ban-client set dovecot unbanip 10.0.0.1
1
# fail2ban-client status dovecot
Status for the jail: dovecot
|- Filter
| |- Currently failed: 0
| |- Total failed: 3
| `- File list: /var/log/mail.log
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: 66.131.38.234