github
/
fail2ban
mirror of https://github.com/fail2ban/fail2ban
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5983 Commits
32 Branches
229 Tags
34 MiB
 
 
 
Tree: 54c0effceb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '54c0effceb'
${ noResults }
fail2ban/man/fail2ban-client.1

505 lines
11 KiB
Raw Blame History

.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.49.3.
.TH FAIL2BAN-CLIENT "1" "April 2024" "Fail2Ban v1.1.1.dev1" "User Commands"
.SH NAME
fail2ban-client \- configure and control the server
.SH SYNOPSIS
.B fail2ban-client
[\fI\,OPTIONS\/\fR] \fI\,<COMMAND>\/\fR
.SH DESCRIPTION
Fail2Ban v1.1.1.dev1 reads log file that contains password failure report
and bans the corresponding IP addresses using firewall rules.
.SH OPTIONS
.TP
\fB\-c\fR, \fB\-\-conf\fR <DIR>
configuration directory
.TP
\fB\-s\fR, \fB\-\-socket\fR <FILE>
socket path
.TP
\fB\-p\fR, \fB\-\-pidfile\fR <FILE>
pidfile path
.TP
\fB\-\-pname\fR <NAME>
name of the process (main thread) to identify instance (default fail2ban\-server)
.TP
\fB\-\-loglevel\fR <LEVEL>
logging level
.TP
\fB\-\-logtarget\fR <TARGET>
logging target, use file\-name or stdout, stderr, syslog or sysout.
.HP
\fB\-\-syslogsocket\fR auto|<FILE>
.TP
\fB\-d\fR
dump configuration. For debugging
.TP
\fB\-\-dp\fR, \fB\-\-dump\-pretty\fR
dump the configuration using more human readable representation
.TP
\fB\-t\fR, \fB\-\-test\fR
test configuration (can be also specified with start parameters)
.TP
\fB\-i\fR
interactive mode
.TP
\fB\-v\fR
increase verbosity
.TP
\fB\-q\fR
decrease verbosity
.TP
\fB\-x\fR
force execution of the server (remove socket file)
.TP
\fB\-b\fR
start server in background (default)
.TP
\fB\-f\fR
start server in foreground
.TP
\fB\-\-async\fR
start server in async mode (for internal usage only, don't read configuration)
.TP
\fB\-\-timeout\fR
timeout to wait for the server (for internal usage only, don't read configuration)
.TP
\fB\-\-str2sec\fR <STRING>
convert time abbreviation format to seconds
.TP
\fB\-h\fR, \fB\-\-help\fR
display this help message
.TP
\fB\-V\fR, \fB\-\-version\fR
print the version (\fB\-V\fR returns machine\-readable short format)
.SH COMMAND
.IP
BASIC
.TP
\fBstart\fR
starts the server and the jails
.TP
\fBrestart\fR
restarts the server
.TP
\fBrestart [\-\-unban] [\-\-if\-exists] <JAIL>\fR
restarts the jail <JAIL> (alias
for 'reload \fB\-\-restart\fR ... <JAIL>')
.TP
\fBreload [\-\-restart] [\-\-unban] [\-\-all]\fR
reloads the configuration without
restarting of the server, the
option '\-\-restart' activates
completely restarting of affected
jails, thereby can unban IP
addresses (if option '\-\-unban'
specified)
.TP
\fBreload [\-\-restart] [\-\-unban] [\-\-if\-exists] <JAIL>\fR
reloads the jail <JAIL>, or
restarts it (if option '\-\-restart'
specified)
.TP
\fBstop\fR
stops all jails and terminate the
server
.TP
\fBunban \fB\-\-all\fR\fR
unbans all IP addresses (in all
jails and database)
.TP
\fBunban <IP> ... <IP>\fR
unbans <IP> (in all jails and
database)
.TP
\fBbanned\fR
return jails with banned IPs as
dictionary
.TP
\fBbanned <IP> ... <IP>]\fR
return list(s) of jails where
given IP(s) are banned
.TP
\fBstatus\fR
gets the current status of the
server
.TP
\fBstatus \fB\-\-all\fR [FLAVOR]\fR
gets the current status of all
jails, with optional flavor or
extended info
.TP
\fBstat[istic]s\fR
gets the current statistics of all
jails as table
.TP
\fBping\fR
tests if the server is alive
.TP
\fBecho\fR
for internal usage, returns back
and outputs a given string
.TP
\fBhelp\fR
return this output
.TP
\fBversion\fR
return the server version
.IP
LOGGING
.TP
\fBset loglevel <LEVEL>\fR
sets logging level to <LEVEL>.
Levels: CRITICAL, ERROR, WARNING,
NOTICE, INFO, DEBUG, TRACEDEBUG,
HEAVYDEBUG or corresponding
numeric value (50\-5)
.TP
\fBget loglevel\fR
gets the logging level
.TP
\fBset logtarget <TARGET>\fR
sets logging target to <TARGET>.
Can be STDOUT, STDERR, SYSLOG,
SYSTEMD\-JOURNAL or a file
.TP
\fBget logtarget\fR
gets logging target
.TP
\fBset syslogsocket auto|<SOCKET>\fR
sets the syslog socket path to
auto or <SOCKET>. Only used if
logtarget is SYSLOG
.TP
\fBget syslogsocket\fR
gets syslog socket path
.TP
\fBflushlogs\fR
flushes the logtarget if a file
and reopens it. For log rotation.
.IP
DATABASE
.TP
\fBset dbfile <FILE>\fR
set the location of fail2ban
persistent datastore. Set to
"None" to disable
.TP
\fBget dbfile\fR
get the location of fail2ban
persistent datastore
.TP
\fBset dbmaxmatches <INT>\fR
sets the max number of matches
stored in database per ticket
.TP
\fBget dbmaxmatches\fR
gets the max number of matches
stored in database per ticket
.TP
\fBset dbpurgeage <SECONDS>\fR
sets the max age in <SECONDS> that
history of bans will be kept
.TP
\fBget dbpurgeage\fR
gets the max age in seconds that
history of bans will be kept
.IP
JAIL CONTROL
.TP
\fBadd <JAIL> <BACKEND>\fR
creates <JAIL> using <BACKEND>
.TP
\fBstart <JAIL>\fR
starts the jail <JAIL>
.TP
\fBstop <JAIL>\fR
stops the jail <JAIL>. The jail is
removed
.TP
\fBstatus <JAIL> [FLAVOR]\fR
gets the current status of <JAIL>,
with optional flavor or extended
info
.IP
JAIL CONFIGURATION
.TP
\fBset <JAIL> idle on|off\fR
sets the idle state of <JAIL>
.TP
\fBset <JAIL> ignoreself true|false\fR
allows the ignoring of own IP
addresses
.TP
\fBset <JAIL> addignoreip <IP>\fR
adds <IP> to the ignore list of
<JAIL>
.TP
\fBset <JAIL> delignoreip <IP>\fR
removes <IP> from the ignore list
of <JAIL>
.TP
\fBset <JAIL> ignorecommand <VALUE>\fR
sets ignorecommand of <JAIL>
.TP
\fBset <JAIL> ignorecache <VALUE>\fR
sets ignorecache of <JAIL>
.TP
\fBset <JAIL> addlogpath <FILE> ['tail']\fR
adds <FILE> to the monitoring list
of <JAIL>, optionally starting at
the 'tail' of the file (default
\&'head').
.TP
\fBset <JAIL> dellogpath <FILE>\fR
removes <FILE> from the monitoring
list of <JAIL>
.TP
\fBset <JAIL> logencoding <ENCODING>\fR
sets the <ENCODING> of the log
files for <JAIL>
.TP
\fBset <JAIL> addjournalmatch <MATCH>\fR
adds <MATCH> to the journal filter
of <JAIL>
.TP
\fBset <JAIL> deljournalmatch <MATCH>\fR
removes <MATCH> from the journal
filter of <JAIL>
.TP
\fBset <JAIL> addfailregex <REGEX>\fR
adds the regular expression
<REGEX> which must match failures
for <JAIL>
.TP
\fBset <JAIL> delfailregex <INDEX>\fR
removes the regular expression at
<INDEX> for failregex
.TP
\fBset <JAIL> addignoreregex <REGEX>\fR
adds the regular expression
<REGEX> which should match pattern
to exclude for <JAIL>
.TP
\fBset <JAIL> delignoreregex <INDEX>\fR
removes the regular expression at
<INDEX> for ignoreregex
.TP
\fBset <JAIL> findtime <TIME>\fR
sets the number of seconds <TIME>
for which the filter will look
back for <JAIL>
.TP
\fBset <JAIL> bantime <TIME>\fR
sets the number of seconds <TIME>
a host will be banned for <JAIL>
.TP
\fBset <JAIL> datepattern <PATTERN>\fR
sets the <PATTERN> used to match
date/times for <JAIL>
.TP
\fBset <JAIL> usedns <VALUE>\fR
sets the usedns mode for <JAIL>
.TP
\fBset <JAIL> attempt <IP> [<failure1> ... <failureN>]\fR
manually notify about <IP> failure
.TP
\fBset <JAIL> banip <IP> ... <IP>\fR
manually Ban <IP> for <JAIL>
.TP
\fBset <JAIL> unbanip [\-\-report\-absent] <IP> ... <IP>\fR
manually Unban <IP> in <JAIL>
.TP
\fBset <JAIL> maxretry <RETRY>\fR
sets the number of failures
<RETRY> before banning the host
for <JAIL>
.TP
\fBset <JAIL> maxmatches <INT>\fR
sets the max number of matches
stored in memory per ticket in
<JAIL>
.TP
\fBset <JAIL> maxlines <LINES>\fR
sets the number of <LINES> to
buffer for regex search for <JAIL>
.TP
\fBset <JAIL> addaction <ACT>[ <PYTHONFILE> <JSONKWARGS>]\fR
adds a new action named <ACT> for
<JAIL>. Optionally for a Python
based action, a <PYTHONFILE> and
<JSONKWARGS> can be specified,
else will be a Command Action
.TP
\fBset <JAIL> delaction <ACT>\fR
removes the action <ACT> from
<JAIL>
.IP
COMMAND ACTION CONFIGURATION
.TP
\fBset <JAIL> action <ACT> actionstart <CMD>\fR
sets the start command <CMD> of
the action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> actionstop <CMD> sets the stop command <CMD> of the\fR
action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> actioncheck <CMD>\fR
sets the check command <CMD> of
the action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> actionban <CMD>\fR
sets the ban command <CMD> of the
action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> actionunban <CMD>\fR
sets the unban command <CMD> of
the action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> timeout <TIMEOUT>\fR
sets <TIMEOUT> as the command
timeout in seconds for the action
<ACT> for <JAIL>
.IP
GENERAL ACTION CONFIGURATION
.TP
\fBset <JAIL> action <ACT> <PROPERTY> <VALUE>\fR
sets the <VALUE> of <PROPERTY> for
the action <ACT> for <JAIL>
.TP
\fBset <JAIL> action <ACT> <METHOD>[ <JSONKWARGS>]\fR
calls the <METHOD> with
<JSONKWARGS> for the action <ACT>
for <JAIL>
.IP
JAIL INFORMATION
.TP
\fBget <JAIL> banned\fR
return banned IPs of <JAIL>
.TP
\fBget <JAIL> banned <IP> ... <IP>]\fR
return 1 if IP is banned in <JAIL>
otherwise 0, or a list of 1/0 for
multiple IPs
.TP
\fBget <JAIL> logpath\fR
gets the list of the monitored
files for <JAIL>
.TP
\fBget <JAIL> logencoding\fR
gets the encoding of the log files
for <JAIL>
.TP
\fBget <JAIL> journalmatch\fR
gets the journal filter match for
<JAIL>
.TP
\fBget <JAIL> ignoreself\fR
gets the current value of the
ignoring the own IP addresses
.TP
\fBget <JAIL> ignoreip\fR
gets the list of ignored IP
addresses for <JAIL>
.TP
\fBget <JAIL> ignorecommand\fR
gets ignorecommand of <JAIL>
.TP
\fBget <JAIL> failregex\fR
gets the list of regular
expressions which matches the
failures for <JAIL>
.TP
\fBget <JAIL> ignoreregex\fR
gets the list of regular
expressions which matches patterns
to ignore for <JAIL>
.TP
\fBget <JAIL> findtime\fR
gets the time for which the filter
will look back for failures for
<JAIL>
.TP
\fBget <JAIL> bantime\fR
gets the time a host is banned for
<JAIL>
.TP
\fBget <JAIL> datepattern\fR
gets the pattern used to match
date/times for <JAIL>
.TP
\fBget <JAIL> usedns\fR
gets the usedns setting for <JAIL>
.TP
\fBget <JAIL> banip [<SEP>|\-\-with\-time]\fR
gets the list of of banned IP
addresses for <JAIL>. Optionally
the separator character ('<SEP>',
default is space) or the option '
\fB\-\-with\-time\fR' (printing the times
of ban) may be specified. The IPs
are ordered by end of ban.
.TP
\fBget <JAIL> maxretry\fR
gets the number of failures
allowed for <JAIL>
.TP
\fBget <JAIL> maxmatches\fR
gets the max number of matches
stored in memory per ticket in
<JAIL>
.TP
\fBget <JAIL> maxlines\fR
gets the number of lines to buffer
for <JAIL>
.TP
\fBget <JAIL> actions\fR
gets a list of actions for <JAIL>
.IP
COMMAND ACTION INFORMATION
.TP
\fBget <JAIL> action <ACT> actionstart\fR
gets the start command for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> actionstop\fR
gets the stop command for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> actioncheck\fR
gets the check command for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> actionban\fR
gets the ban command for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> actionunban\fR
gets the unban command for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> timeout\fR
gets the command timeout in
seconds for the action <ACT> for
<JAIL>
.IP
GENERAL ACTION INFORMATION
.TP
\fBget <JAIL> actionproperties <ACT>\fR
gets a list of properties for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> actionmethods <ACT>\fR
gets a list of methods for the
action <ACT> for <JAIL>
.TP
\fBget <JAIL> action <ACT> <PROPERTY>\fR
gets the value of <PROPERTY> for
the action <ACT> for <JAIL>
.SH FILES
\fI/etc/fail2ban/*\fR
.SH "REPORTING BUGS"
Report bugs to https://github.com/fail2ban/fail2ban/issues
.SH "SEE ALSO"
.br
fail2ban-server(1)
jail.conf(5)