@rwohleb
Created February 4, 2014 06:54
Fail2ban action for reporting to BadIPs.com
# Fail2Ban action for reporting to badips.com
#
# Author: Robert Wohleb
#
[Definition]
# Option: actionstart
# Notes.: command executed once at the start of Fail2Ban.
# Values: CMD
#
actionstart = if [ -n "<key>" ]; then wget -q -O /dev/null http://www.badips.com/set/key/<key>; fi
# Option: actionstop
# Notes.: command executed once at the end of Fail2Ban
# Values: CMD
#
actionstop =
# Option: actioncheck
# Notes.: command executed once before each actionban command
# Values: CMD
#
actioncheck =
# Option: actionban
# Notes.: command executed when banning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags:   <ip>        IP address
#         <failures>  number of failures
#         <time>      unix timestamp of the ban time
# Values: CMD
#
actionban = wget -q -O /dev/null http://www.badips.com/add/<category>/<ip>
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
# command is executed with Fail2Ban user rights.
# Tags:   <ip>        IP address
#         <failures>  number of failures
#         <time>      unix timestamp of the ban time
# Values: CMD
#
actionunban =
[Init]
# Option: category
# Notes.: used as the category to send to badips.com
# Values: [ STRING ] Default: ssh
category = ssh
# Option: key
# Notes.: used as the API key to send to badips.com
# Values: [ STRING ] Default:
key =

rwohleb commented Feb 4, 2014

You can then add it to specific jails rather than the global ban action if you prefer. Here is an example:

[ssh]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 6
action = %(action_mw)s
             badips[category="ssh", key="65bedf87249c427b0cb461687d25f7ac5d493540"]
