From 4f03b3cda6dd7aba2866f853d10e3c5ca6f411cd Mon Sep 17 00:00:00 2001 From: Andrew Cornford Date: Mon, 9 Jun 2025 11:03:33 +0100 Subject: [PATCH] Possible to add IPs or ranges for fail2ban to ignore --- target/bin/fail2ban | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/target/bin/fail2ban b/target/bin/fail2ban index 8a76fcda..643016b2 100755 --- a/target/bin/fail2ban +++ b/target/bin/fail2ban @@ -69,6 +69,38 @@ else fi ;; + ( 'ignore' ) + shift + if [[ -n ${1} ]]; then + + for JAIL in "${JAILS[@]}"; do + fail2ban-client set "${JAIL}" addignoreip "${@}" 2>&1 + + [ $? -eq 0 ] && echo "Will ignore from ${JAIL}" + done + + else + _log 'warn' "You need to specify an IP address: Run './setup.sh fail2ban ignore '" + exit 0 + fi + ;; + + ( 'consider' ) + shift + if [[ -n ${1} ]]; then + + for JAIL in "${JAILS[@]}"; do + RESULT=$(fail2ban-client set "${JAIL}" delignoreip "${@}" 2>&1) + + [[ ${RESULT} != *"x not in list"* ]] && [[ ${RESULT} != *"NOK"* ]] && echo "Will consider from ${JAIL}: ${RESULT}" + done + + else + _log 'warn' "You need to specify an IP address: Run './setup.sh fail2ban consider '" + exit 0 + fi + ;; + ( 'log' ) cat /var/log/mail/fail2ban.log ;;