How to use fail2ban and iptables

Config files for fail2ban are in /etc/fail2ban.

On CentOS fail2ban logs to syslog (logtarget = SYSLOG in /etc/fail2ban/fail2ban.conf), so its messages end up in /var/log/messages. To see what it has been doing:

grep fail2ban /var/log/messages

fail2ban bans addresses for 'bantime' seconds (default 600, i.e. 10 minutes). The setting lives in the jail configuration, /etc/fail2ban/jail.conf (override it in /etc/fail2ban/jail.local rather than editing jail.conf, so a package upgrade does not overwrite it); /etc/fail2ban/fail2ban.conf only holds daemon settings such as the log target and log level.

List currently banned IP addresses (fail2ban keeps one chain per jail, named fail2ban-<jail> in 0.8 and f2b-<jail> from 0.9 onwards, so the chain name in your output may differ from the one below):

iptables -L -nv

You can also ask fail2ban itself with 'fail2ban-client status <jail>', which lists the banned addresses for that jail.

Unban an IP address by deleting its rule from the jail's chain (the chain name must match what iptables -L shows):

iptables -D fail2ban-ProFTPD -s X.X.X.X -j REJECT

X.X.X.X = the IP address you want to unban.

Deleting the rule by hand leaves fail2ban believing the address is still banned until bantime expires. The cleaner way is 'fail2ban-client set <jail> unbanip X.X.X.X', which removes the firewall rule and updates fail2ban's own ban list in one step.

Specifically BAN an IP address from port 80 (http), outside of fail2ban:

First list the INPUT rules in order, with their positions:

iptables -nvL INPUT --line-numbers
...
11       1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
12       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
...

iptables evaluates a chain top to bottom and the first matching rule wins. Rule 11 ACCEPTs new connections to port 80 from anywhere, so a DROP appended after it would never be reached: the ban must be inserted BEFORE rule 11. So:

iptables -I INPUT 10 -p tcp --destination-port 80 -s patroller.dreamhost.com -j DROP

This INSERTS the new rule at position 10 (the old rule 10 becomes 11, the ACCEPT becomes 12). Inserting at 11 would also work and would place the DROP directly in front of the ACCEPT; anything at or before the ACCEPT's position is fine.

Two caveats. Using a hostname for -s means iptables resolves it once, at insert time, and adds one rule per address it resolves to; if DNS is wrong or changes, the ban is wrong. Prefer a literal IP address. And once the rule is in, new connections from that address to port 80 are silently dropped, so test from a second address before locking yourself out.

To remove the rule and unban the address, give -D exactly the same rule specification you inserted (it must match field for field):

iptables -D INPUT -p tcp --destination-port 80 -s patroller.dreamhost.com -j DROP
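The rule-number lookup above is easy to get wrong by hand (the numbers shift every time something is inserted), so here is a small POSIX shell helper that does it automatically. This is an added example, not part of the original post: it parses the output of 'iptables -nvL INPUT --line-numbers', finds the first ACCEPT rule for the requested destination port, and prints the iptables commands that ban and later unban an address directly in front of that rule. The rule listing embedded in the script is a constructed sample so it can be exercised without root or a live firewall; the commands are printed rather than executed so you can review them first.

```shell
#!/bin/sh
# Added example, not from the original page. Computes where a DROP must be
# inserted in INPUT so it is evaluated before the ACCEPT rule for a port.

# Constructed sample of 'iptables -nvL INPUT --line-numbers' output, used so
# the functions below can be tested without root or a real firewall.
SAMPLE_RULES='Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     1234 98765 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
2      512 40960 fail2ban-ProFTPD  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 21
10       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
11       1    60 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
12       0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443'

# accept_rule_num RULES PORT
# Prints the position of the first ACCEPT rule whose match is "dpt:PORT".
# Prints nothing and returns 1 if the port has no ACCEPT rule, so a caller
# can distinguish "accepted at rule N" from "port is not opened at all".
accept_rule_num() {
    printf '%s\n' "$1" | awk -v port="$2" '
        $1 ~ /^[0-9]+$/ && $4 == "ACCEPT" {
            for (i = 5; i <= NF; i++)
                if ($i == ("dpt:" port)) { print $1; found = 1; exit }
        }
        END { if (found) exit 0; else exit 1 }'
}

# ban_cmds RULES PORT IP
# Prints the iptables command that inserts a DROP for IP at the position of
# the ACCEPT rule for PORT (pushing the ACCEPT one slot down), followed by
# the matching delete for unbanning. Takes a literal address, not a hostname,
# so the rule never depends on DNS resolution at insert time.
ban_cmds() {
    rules=$1; port=$2; ip=$3
    num=$(accept_rule_num "$rules" "$port") || {
        echo "no ACCEPT rule for dpt:$port in INPUT; nothing to insert before" >&2
        return 1
    }
    printf 'iptables -I INPUT %s -p tcp --dport %s -s %s -j DROP\n' "$num" "$port" "$ip"
    printf '# to unban: iptables -D INPUT -p tcp --dport %s -s %s -j DROP\n' "$port" "$ip"
}

# Live use (as root), reviewing first and then piping into sh to apply:
#   ban_cmds "$(iptables -nvL INPUT --line-numbers)" 80 203.0.113.7
# Here the helper runs against the constructed sample only:
ban_cmds "$SAMPLE_RULES" 80 203.0.113.7
```

Against the sample listing the helper emits an insert at position 11, i.e. directly in front of the port-80 ACCEPT. Asking for a port with no ACCEPT rule (8080 in the sample) fails loudly instead of inserting a DROP in a meaningless position.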

To save iptables rules and keep them on reboot

Rules added with iptables live only in the kernel and are gone after a reboot. You can dump them to a file with:

iptables-save > /etc/iptables.conf

but that alone does nothing at boot; something (an init script, rc.local, or a systemd unit) still has to run iptables-restore with that file to load the rules again. A better idea on Debian and Ubuntu is to install the persistent iptables package (note that apt-get is Debian/Ubuntu; on CentOS 6 the equivalent is 'service iptables save', which writes /etc/sysconfig/iptables, and on CentOS 7 the iptables-services package provides the same):

apt-get install iptables-persistent

This saves the rules to /etc/iptables/rules.v4 and /etc/iptables/rules.v6 and restores them automatically at boot.

To save the current rules, or reload the saved files after editing them, use:

netfilter-persistent save
netfilter-persistent reload

Note that fail2ban rebuilds its own jail chains every time it starts, so you do not need to persist those; only your hand-made rules such as the port 80 DROP above need saving.
