Skip to content

Instantly share code, notes, and snippets.

Last active February 7, 2024 16:28
Show Gist options
  • Save sander1/075736a42db2c66bc6ce0fab159ca683 to your computer and use it in GitHub Desktop.
Save sander1/075736a42db2c66bc6ce0fab159ca683 to your computer and use it in GitHub Desktop.
Send Pushover notification from Fail2Ban
# Fail2Ban configuration file
# Notify on Startup
actionstart = /usr/bin/curl -s -F "token=<token>" -F "user=<user>" -F "title=[Fail2Ban] <name>" -F "message=Jail <name> has been started successfully."
# Notify on Shutdown
actionstop = /usr/bin/curl -s -F "token=<token>" -F "user=<user>" -F "title=[Fail2Ban] <name>" -F "message=Jail <name> has been stopped."
actioncheck =
# Notify on Banned
actionban = /usr/bin/curl -s -F "token=<token>" -F "user=<user>" -F "title=[Fail2Ban] <name>" -F "message=Banned IP: <ip> Lines containing IP: `grep '<ip>' <logpath>`"
# Notify on Unbanned
actionunban =
# Defaut name of the chain
name = default
# Application token key
token =
# User API key
user =
Copy link

sander1 commented Dec 24, 2016

Add pushover-notify action to action = (in jail.local) like so:

action = %(action_)s
         pushover-notify[name=%(__name__)s, logpath=%(logpath)s]

Copy link

when adding this as action, won't it replace the actual banning with a notification ? Cause I noticed that when I use action, the banning doesn't work anymore. Fail2Ban is reporting the IP has been banned, but it's not so. I think fail2ban considers a 'ban' a notification.

Copy link

Hi, where do I need to put pushover-notify in filters.d or actions.d and where do I need to add this

action = %(action_)s
pushover-notify[name=%(name)s, logpath=%(logpath)s]


Copy link

mouzzampk2014-zz commented Feb 27, 2019

I managed to run it :) Thank you so much. Could you please help me out how can I get notification when something unban

actionunban =

Thank you :)

Copy link

Chathu07 commented Mar 25, 2019

This script sends IP's re-banned notification every time when I restart fail2ban (stop and start or just use restart commands). Any way to disable pushover notifications when fail2ban, re-banned IP's on restarting its service?

I already checked fail2ban/config/action.d/complain.conf file,

# bypass ban/unban for restored tickets
norestored = 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment