FreePBX | Register | Issues | Wiki | Portal | Support

How to clear a banned IP address?


(JSB) #1

Occasionally a remote Agent will lose internet access and then our Fail2Ban will ban their IP address as their remote phone tries to re-establish its connection to the PBX.

To clear the phone from the Fail2Ban list of Banned IP addresses:
a. I would prefer not to add the banned Agent’s IP address to the "Whitelist"
b. I tried selecting “Restart” of the Intrusion Detection module from within the FreePBX GUI, but 15 seconds after the restart the remote agent’s IP address appears again in the Banned IP address list.
c. After about 1-3 hours the banned IP address stops appearing on the Intrusion Detection list of Banned IP addresses.

What is the proper way to immediately clear a banned IP address so that the Max Retry is reset for that IP address?


#2

assuming it’s the last IP added in the fail2ban chain,

iptables -D fail2ban-SIP 1


(JSB) #3

Great suggestion but they are added so fast I can’t be sure it is the last I added. In the GUI it doesn’t show the banned order.

Any way to specify the IP address in your command?


#4

iptables -L fail2ban-SIP
gives you a list of the banned IPs

iptables -D fail2ban-SIP #
where # is the sequence number (1,2,3,4 etc…) of the IP you want to clear.

You can play with it a bit to figure out the correct number.
At worst you’ll just unblock the wrong IP
and your config does not ban for more than a couple of hours anyways.


#5

fail2ban-client --help

hence

fail2ban-client status
fail2ban-client <JAIL> unbanip a.b.c.d
fail2ban-client set <JAIL> addignoreip <IP> 
. 
.
.

(Matthew Jensen) #6

I didn’t want to dredge up this post, but I figured it was worth it to make sure no one else was confused. This may not have been the case when this was originally posted, but to unban an ip from a jail now, you need to put “set” in front of the jail name.

For example:
fail2ban-client set <JAIL> unbanip a.b.c.d