How to check if fail2ban banned some IP
Posted: Tue Aug 30, 2022 12:07 pm
To find out if some IP is banned, in your SSH, as root, run:
If as output you see the current date and this
Then this clearly indicates that IP has been banned on that current day.
If you are interested to find a reason for this ban (if servicename = MAIL), in your SSH, as root, run:
&
The reason for the ban often can be the wrong password sent multiple times through some phone or desktop mail app. This output indicates that:
Here is how to whitelist some IP in fail2ban - viewtopic.php?f=26&t=631
How to check if some user has wrong password in mail client application - viewtopic.php?t=656
Code: Select all
grep '123.123.123.123' /var/log/vesta/system.log
Code: Select all
2022-08-30 11:10:27 v-add-firewall-ban '123.123.123.123' 'servicename'
If you are interested to find a reason for this ban (if servicename = MAIL), in your SSH, as root, run:
Code: Select all
grep '123.123.123.123' /var/log/dovecot.log
Code: Select all
grep '123.123.123.123' /var/log/exim4/mainlog
Code: Select all
Aug 30 11:56:48 auth: Info: passwd-file([email protected],123.123.123.123): Password mismatch
How to check if some user has wrong password in mail client application - viewtopic.php?t=656