Skip to content

Instantly share code, notes, and snippets.

@stephdl

stephdl/gist:6b0d6109a695a0d9a825ba355bd6dfff

Last active October 13, 2018 16:38
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save stephdl/6b0d6109a695a0d9a825ba355bd6dfff to your computer and use it in GitHub Desktop.
Save stephdl/6b0d6109a695a0d9a825ba355bd6dfff to your computer and use it in GitHub Desktop.
Download ZIP
unbanip
Raw
gistfile1.txt
#/var/log/fail2ban.log
2018-10-09 23:33:51,089 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-auth', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,135 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-badbots', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,183 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-fakegooglebot', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,228 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-modsecurity', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,273 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-nohome', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,318 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-noscript', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,364 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-overflows', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,409 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-scan', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,454 fail2ban.transmitter [25893]: WARNING Command ['set', 'apache-shellshock', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,499 fail2ban.transmitter [25893]: WARNING Command ['set', 'asterisk', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,544 fail2ban.transmitter [25893]: WARNING Command ['set', 'dovecot', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,590 fail2ban.transmitter [25893]: WARNING Command ['set', 'dovecot-nethserver', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,642 fail2ban.transmitter [25893]: WARNING Command ['set', 'ejabberd-auth', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,687 fail2ban.transmitter [25893]: WARNING Command ['set', 'httpd-admin', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,732 fail2ban.transmitter [25893]: WARNING Command ['set', 'mysqld-auth', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,779 fail2ban.transmitter [25893]: WARNING Command ['set', 'openvpn', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,825 fail2ban.transmitter [25893]: WARNING Command ['set', 'pam-generic', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,872 fail2ban.transmitter [25893]: WARNING Command ['set', 'pam-generic-nethserver', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,918 fail2ban.transmitter [25893]: WARNING Command ['set', 'postfix', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:51,963 fail2ban.transmitter [25893]: WARNING Command ['set', 'postfix-ddos', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:52,009 fail2ban.transmitter [25893]: WARNING Command ['set', 'postfix-rbl', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:52,054 fail2ban.actions [25893]: NOTICE [recidive] Unban 92.184.117.247
2018-10-09 23:33:52,304 fail2ban.transmitter [25893]: WARNING Command ['set', 'roundcube-auth', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:52,348 fail2ban.transmitter [25893]: WARNING Command ['set', 'sieve', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:52,392 fail2ban.transmitter [25893]: WARNING Command ['set', 'sogo-auth', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
2018-10-09 23:33:52,438 fail2ban.actions [25893]: NOTICE [sshd] Unban 92.184.117.247
2018-10-09 23:33:52,688 fail2ban.transmitter [25893]: WARNING Command ['set', 'sshd-ddos', 'unbanip', '92.184.117.247'] has failed. Received ValueError('IP 92.184.117.247 is not banned',)
[root@prometheus ~]# fail2ban-listban
If you want more information on a jail, do : fail2ban-client status {JailName}
Status of Jails
---------------
apache-auth Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-badbots Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-fakegooglebot Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-modsecurity Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-nohome Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-noscript Jail enabled
- Currently banned: 0 - Total banned after service start: 4
- Banned IP:
apache-overflows Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-scan Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
apache-shellshock Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
asterisk Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
dovecot Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
dovecot-nethserver Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
ejabberd-auth Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
httpd-admin Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
mysqld-auth Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
openvpn Jail enabled
- Currently banned: 0 - Total banned after service start: 38
- Banned IP:
pam-generic Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
pam-generic-nethserver Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
postfix Jail enabled
- Currently banned: 0 - Total banned after service start: 1
- Banned IP:
postfix-ddos Jail enabled
- Currently banned: 0 - Total banned after service start: 1
- Banned IP:
postfix-rbl Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
recidive Jail enabled
- Currently banned: 15 - Total banned after service start: 15
- Banned IP: 180.180.75.180 199.33.123.18 199.33.123.19 199.33.123.22 42.159.85.237 5.188.10.76 74.91.112.249 85.190.149.199 91.108.180.242 115.159.67.15 149.56.19.71 192.162.167.196 85.119.149.17 85.190.149.138 159.65.92.151
roundcube-auth Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
sieve Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
sogo-auth Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
sshd Jail enabled
- Currently banned: 0 - Total banned after service start: 57
- Banned IP:
sshd-ddos Jail enabled
- Currently banned: 0 - Total banned after service start: 0
- Banned IP:
List of all banned IP:
180.180.75.180
199.33.123.18
199.33.123.19
199.33.123.22
42.159.85.237
5.188.10.76
74.91.112.249
85.190.149.199
91.108.180.242
115.159.67.15
149.56.19.71
192.162.167.196
85.119.149.17
85.190.149.138
159.65.92.151
#/var/log/messages
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24873]: /var/lib/nethserver/fail2ban/fail2ban: DELETE 92.184.117.247=ban|action|drop|counter|2|date|Tue Oct 9 23:32:09 2018|jail|recidive
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24901]: /var/lib/nethserver/fail2ban/fail2ban: OLD 92.184.117.247=(undefined)
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24901]: /var/lib/nethserver/fail2ban/fail2ban: NEW 92.184.117.247=ban
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24901]: /var/lib/nethserver/fail2ban/fail2ban: OLD 92.184.117.247=ban
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24901]: /var/lib/nethserver/fail2ban/fail2ban: NEW 92.184.117.247=ban|counter|0
Oct 9 23:33:52 prometheus /usr/libexec/nethserver/shorewall-nethserver[24901]: /var/lib/nethserver/fail2ban/fail2ban: DELETE 92.184.117.247=ban|counter|0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment