From 4f03b3cda6dd7aba2866f853d10e3c5ca6f411cd Mon Sep 17 00:00:00 2001
From: Andrew Cornford <andrewcornford@groupmsl.co.uk>
Date: Mon, 9 Jun 2025 11:03:33 +0100
Subject: [PATCH] Possible to add IPs or ranges for fail2ban to ignore

---
 target/bin/fail2ban | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/target/bin/fail2ban b/target/bin/fail2ban
index 8a76fcda..643016b2 100755
--- a/target/bin/fail2ban
+++ b/target/bin/fail2ban
@@ -69,6 +69,38 @@ else
       fi
       ;;
 
+    ( 'ignore' )
+      shift
+      if [[ -n ${1} ]]; then
+
+        for JAIL in "${JAILS[@]}"; do
+          fail2ban-client set "${JAIL}" addignoreip "${@}" 2>&1
+
+          [ $? -eq 0 ] && echo "Will ignore from ${JAIL}"
+        done
+
+      else
+        _log 'warn' "You need to specify an IP address: Run './setup.sh fail2ban ignore <IP or CDIR range>'"
+        exit 0
+      fi
+      ;;
+
+    ( 'consider' )
+      shift
+      if [[ -n ${1} ]]; then
+
+        for JAIL in "${JAILS[@]}"; do
+          RESULT=$(fail2ban-client set "${JAIL}" delignoreip "${@}" 2>&1)
+
+          [[ ${RESULT} != *"x not in list"* ]] && [[ ${RESULT} != *"NOK"* ]] && echo "Will consider from ${JAIL}: ${RESULT}"
+        done
+
+      else
+        _log 'warn' "You need to specify an IP address: Run './setup.sh fail2ban consider <IP or CDIR range>'"
+        exit 0
+      fi
+      ;;
+
     ( 'log' )
       cat /var/log/mail/fail2ban.log
       ;;