Fail2ban is a popular security utility that automatically detects suspicious traffic and bans the IPs requesting them to your server. You can also customize its security rules as per your requirement. However, sometimes you may want to view banned IP in Fail2ban. In this article, we will learn how to show banned IP in Fail2ban.
How to Show Banned IP in Fail2ban
The easiest way to view banned IPs is to search for the keyword “Ban” or “Ban:” in Fail2ban log files. Open terminal and run the following command to do so.
$ sudo zgrep 'Ban' /var/log/fail2ban.log*
If you want a count of banned IPs, pipe the output of above command to wc command, as shown below.
$ sudo zgrep 'Ban' /var/log/fail2ban.log* | wc -l
Alternatively, you can also view all iptables rules with the following command.
$ sudo iptables -L INPUT -v -n | less
In this short article, we have learnt how to list all banned IP addresses in Fail2ban.