So I’m using Fail2ban and the way it bans and unbans IP addresses is by using the ufw deny from xx.xx.xx.xx to any and allow. However, because new rules need to stay on the top of the list (above the allow any any), I can’t seem to reallow access without manually doing a ufw status numbered and deleting the original rule.
Is there any way that I can do something like ufw allow from x.x.x.x to any and automatically remove any existing “deny” rules? Otherwise, I’m not sure how fail2ban can ever remove an IP ban with ufw once it has already been placed.
You delete a rule from ufw by specifying it the same way you did when adding it, but specifying to delete it instead.
For instance, if you blocked an IP address with:
ufw deny from 203.0.113.85 to any
You would remove the rule with:
ufw delete deny from 203.0.113.85 to any
If you read the file /etc/fail2ban/action.d/ufw.conf you will see that this is exactly what it is doing.
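An added example, not part of the original answer or of fail2ban's own action file: a check that no deny rules for an address are left behind after the ufw delete shown above, done by parsing the output of ufw status numbered. The sample output is constructed, the function names are hypothetical, and the parser assumes ufw's usual layout in which the To, Action and From columns are separated by two or more spaces.

```shell
#!/bin/sh
# Constructed sample of `ufw status numbered` output (not from a real host).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     203.0.113.85
[ 2] Anywhere                   DENY IN     198.51.100.7
[ 3] 22/tcp                     DENY IN     203.0.113.85
[ 4] Anywhere                   ALLOW IN    Anywhere
EOF
}

# deny_rule_numbers IP  (hypothetical helper)
# Reads `ufw status numbered` output on stdin and prints the numbers of every
# DENY rule whose From column is exactly IP, highest number first. Highest
# first matters if the numbers are later passed to `ufw delete NUM`, because
# deleting a rule renumbers everything below it.
deny_rule_numbers() {
    awk -v ip="$1" '
        /^\[/ {
            # Rule number sits between the brackets: "[ 1]" or "[12]".
            num = $0
            sub(/^\[ */, "", num)
            sub(/\].*/, "", num)

            # Remainder of the line holds the To / Action / From columns.
            rest = $0
            sub(/^\[[ 0-9]+\] */, "", rest)
            sub(/[ \t]+$/, "", rest)
            n = split(rest, col, /  +/)

            if (n >= 3 && col[2] ~ /^DENY/ && col[3] == ip) print num
        }' | sort -rn
}

# Demo on the constructed sample. On a live system the input would be:
#   ufw status numbered | deny_rule_numbers 203.0.113.85
sample_status | deny_rule_numbers 203.0.113.85
```

Empty output means the unban removed every deny rule for that address; any numbers printed are rules that were added with a different specification (here, a port-specific one) and still need their own matching delete.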
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.