Unblocking fail2ban hosts

Posted in March 2012 by under sysadmin

To see what IPs have been blocked by Fail2ban type the following

iptables -L -n
            

This will output the iptables list and at the bottom you will see the Chain fail2ban-dovecot-pop3imap

Chain      fail2ban-dovecot-pop3imap (1 references)
target     prot opt source               destination
DROP       all  --  108.59.12.152        0.0.0.0/0
RETURN     all  --  0.0.0.0/0            0.0.0.0/0
            

Here you can see that 108.59.12.152 has been blocked by Fail2Ban when they attempted to brute force attack dovecot. If for some reason this host is not to be blocked, you can remove the IP 89.115.182.130 from the block list by using the following

iptables -D fail2ban-dovecot-pop3imap -s 89.115.182.130 -j DROP
            

This will remove the host from the block list and they should be able to access you server again.