1

using fail2ban for years, working nice, would like to automate and harden the security for my router.

So I would like that fail2ban created a local file, example, list.txt file with a list of banned IP addresses.

Something similar to this https://sslbl.abuse.ch/blacklist/sslipblacklist.txt

So I could share it on a webpage. My router is set up to import blocked IPs from such sources.

So how could I manage to do something like that? Any ideas?

Johnny
  • 19
  • 1
  • Does this answer your question? [How to show all banned ip with fail2ban?](https://serverfault.com/questions/841183/how-to-show-all-banned-ip-with-fail2ban) – digijay Oct 07 '20 at 15:55

1 Answers1

0

Yes, you can forexample add a function to an existing "action" located in /etc/fail2ban/action.d/ , in my case I just added it into the "iptables-multiport.conf" file.

actionban = <iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>
                echo '<ip>' >> /path/to/file/ips.txt
Orphans
  • 1,404
  • 17
  • 26
  • Added, restarted fail2ban but there is no file! – Johnny Oct 07 '20 at 14:54
  • Can someone explain why above mentioned dose not work? Any other solution? – Johnny Oct 08 '20 at 07:00
  • It could be everything to permission issues to a typo in your configuration. – Orphans Oct 08 '20 at 09:47
  • So put the code as mentioned above actionban = -I f2b- 1 -s -j echo '' >> /var/fail2ban/ip.txt Permissions are like other files. Were to look, how to test? Can some one please explain? – Johnny Oct 08 '20 at 10:40