The fail2ban module could do with a little bit of a redesign, as in certain cases it is impossible to remove a ban/view IPs from a certain jail if you have over 15 entries in that jail.
This was not so bad when the iptables module was in the networking area (it’s now moved to unused) as it at least had pagination to view the extra IPs.
You mentioned you were looking for iptables which isn’t used by Ubuntu. I was pointing out it isn’t being used and was letting you know what to look for… Oh well.
No, they’re right, I don’t see any easy way to see all the rules fail2ban has generated. They’re not visible in the firewalld module, the fail2ban module doesn’t make it nice, and the iptables module shouldn’t generally be used on a firewalld system. So, it’s a "you can’t get there from here" situation. And, I get why that’d be frustrating.
I don’t have an immediate solution, but I’ll bring it up with @Jamie and @Ilia
Yes, it’s been a while since I needed to remove an IP from Fail2ban. But, you would have to find the ipset and use the --get-entries to show the list of all the banned IPs.
While I realize F2B adds a rule to the firewall, wouldn’t it make more sense to extend F2B module to list IP addresses it’s actively blocking? Then allow a user to “unblock” and/or “whitelist” an IP address from F2B since it could just issue the F2B command which unblocks an IP address and/or adds to the whitelist…
If you know the IP, there is already a command to remove it from within F2B with command lines.
Like I said, it’s been a while for me, but you can do a lot within F2B.
The rules fail2ban is adding aren’t really firewalld rules, they’re added to an ipset, which is… its own thing. Not listable in firewalld, as far as I know. But, it’s not really something I’ve looked too deeply at.
@tpnsolutions @staff if you hover over an IP, the module allows you to remove the entry from the fail2ban jail, which is just what I need… The ability to see just the first 25 entries is an issue for me, but the extra commands could be useful.
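
An added example, not from any poster in this thread and not the module's own code: shell functions that list every address fail2ban currently bans in every jail, with no row limit, and remove a single ban after checking the address. It assumes `fail2ban-client` is on the PATH and run as root, and that its status output follows the layout of the constructed sample; the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `fail2ban-client status sshd` output (documentation
# address ranges, not real data); the layout is an assumption.
SAMPLE_STATUS='Status for the jail: sshd
|- Filter
|  |- Currently failed: 1
|  `- File list: /var/log/auth.log
`- Actions
   |- Currently banned: 3
   `- Banned IP list: 192.0.2.10 198.51.100.7 2001:db8::5'

# Read a jail status report on stdin, print one banned address per line.
parse_banned_ips() {
    sed -n 's/.*Banned IP list:[[:space:]]*//p' | tr -s ' \t' '\n' | sed '/^$/d'
}

# Read `fail2ban-client status` on stdin, print one jail name per line.
parse_jails() {
    sed -n 's/.*Jail list:[[:space:]]*//p' | tr -d ' \t' | tr ',' '\n' | sed '/^$/d'
}

# Print "jail address" for every active ban in every jail (needs root).
list_all_bans() {
    fail2ban-client status | parse_jails | while read -r jail; do
        fail2ban-client status "$jail" | parse_banned_ips |
            while read -r ip; do printf '%s %s\n' "$jail" "$ip"; done
    done
}

# Remove one ban; reject anything that is not plain IPv4/IPv6 characters.
unban_ip() {  # usage: unban_ip JAIL ADDRESS
    case $2 in
        ''|*[!0-9a-fA-F.:]*) echo "refusing address: $2" >&2; return 1 ;;
    esac
    fail2ban-client set "$1" unbanip "$2"
}
```

Source the file and run `list_all_bans` to see the full list, then `unban_ip sshd 192.0.2.10` to lift one entry.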