asterisk: fail2ban & ip tables

  1. /etc/init.d/fail2ban restart
  2. /etc/init.d/fail2ban reload
  3. /etc/init.d/iptables-persistent restart

When you reload or restart fail2ban all the bans are removed. 


One problem with this wonderful solution (which is related to iptables, not fail2ban), is that when you reboot your server all the rules and blocked IPs are deleted. On my case I want all this IPs permanent, so to accomplish this you run. 

# dpkg-reconfigure iptables-persistent


# iptables -S

And your rules will be maintained after reboot. 


If you want to Flush the 

# iptables -F

# /etc/init.d/iptables-persistent flush



To Save and Restore Iptables Persistent

# /sbin/iptables-save > /etc/iptables/rules.v4

# iptables-restore < /etc/iptables/rules.v4



Fail2Ban Database

# /var/lib/fail2ban



Fail2ban Filter Regex Tester


fail2ban-regex /var/log/mysql/error.log ".*@'<HOST>' \(using password: (YES|NO)\)*"





/etc/init.d/fail2ban stop
rm -fr /var/lib/fail2ban/fail2ban.sqlite3
cat /dev/null > /var/log/fail2ban.log
/etc/init.d/fail2ban restart
/etc/init.d/fail2ban reload






fail2ban-regex /var/log/mysql/error.log /etc/fail2ban/filter.d/mysqld-auth.conf

Leave a Reply

Your email address will not be published. Required fields are marked *