I was more specifically trying to figure out why, after the fwconsole firewall sync command, the trusted IP doesn't get scrubbed from the jail's banned IPs.
/var/www/html/admin/modules/firewall/hooks/dynamic-jails gets run via cron as part of the sync process and has the code to scrub the IP from the jails if supplied the action = unbanip and settings['ip'] = whitelisted IP from trusted.
I have since created my own script that does something similar, and it runs via cron, but I feel like this function should be included with the sync function and reload function.
Unless I am missing yet another flag from the GUI, which is quite possible.
Sorry, I don’t use the FPBX firewall, I’m just showing you what your fail2ban is ultimately using. If the culprit network/host is in ignoreip for a particular jail, then for any tentative ‘bans’ from your machine or its subnet peers, fail2ban would otherwise show something like this in its logs:
. . . .fail2ban.filter [20775]: INFO [asterisk] Ignore nnn.nnn.nnn.nnn by ip
Perhaps add a more lenient ignoreip for the whole subnet.
Also, presumably the whole firewall is using iptables, so iptables -L might find the REJECT/DROP yourIP in some other chain before fail2ban chains are processed.
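An added example, not part of either post above and not the FreePBX firewall module's code: one way to find trusted addresses that are still sitting in a jail's ban list after a sync. It assumes the usual layout of `fail2ban-client status <jail>` output; the sample output and the trusted list are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `fail2ban-client status asterisk` output (documentation IPs).
SAMPLE_STATUS = """\
Status for the jail: asterisk
|- Filter
|  |- Currently failed: 1
|  |- Total failed:     14
|  `- File list:        /var/log/asterisk/full
`- Actions
   |- Currently banned: 3
   |- Total banned:     5
   `- Banned IP list:   192.0.2.10 198.51.100.7 203.0.113.45
"""

# Constructed trusted list: one host plus a whole subnet.
TRUSTED = ["192.0.2.10", "203.0.113.0/24"]


def parse_banned(status_text):
    """Return (jail_name, [ip_address, ...]) from the status output."""
    jail = re.search(r"Status for the jail:\s*(\S+)", status_text)
    # [ \t]* rather than \s* so an empty list does not swallow the next line.
    banned = re.search(r"Banned IP list:[ \t]*(.*)", status_text)
    if not jail or not banned:
        raise ValueError("unrecognised fail2ban-client status output")
    ips = []
    for token in banned.group(1).split():
        try:
            ips.append(ipaddress.ip_address(token))
        except ValueError:
            continue  # skip anything that is not a plain IP address
    return jail.group(1), ips


def unban_commands(status_text, trusted):
    """Build one `fail2ban-client set <jail> unbanip <ip>` argv per banned trusted IP."""
    nets = [ipaddress.ip_network(t, strict=False) for t in trusted]
    jail, ips = parse_banned(status_text)
    hits = [ip for ip in ips if any(ip in net for net in nets)]
    return [["fail2ban-client", "set", jail, "unbanip", str(ip)] for ip in hits]


if __name__ == "__main__":
    # Print only; review the list before running anything as root.
    for argv in unban_commands(SAMPLE_STATUS, TRUSTED):
        print(" ".join(argv))
```

On a live system the status text would come from running `fail2ban-client status <jail>` for each jail instead of the embedded sample.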