How can I verify if a ban rule is in effect for a specific jail ?
Initiate win2ban-shell at the root of the installation directory and issue the command below (example jail win2ban-network-logon):
$ fail2ban-client status win2ban-network-logon
Status for the jail: win2ban-network-logon
|- Filter
| |- Currently failed: 1
| |- Total failed: 5
| `- File list: /winlogbeat/logs/eventlog
`- Actions
|- Currently banned: 1
|- Total banned: 2
`- Banned IP list: 192.168.100.22
The related firewall rule(s) can be displayed by using the following Powershell command:
get-netfirewallrule -all | Where-Object {$_.DisplayName -like "win2ban*"} | Format-Table
Name DisplayName DisplayGroup Enabled Profile Direction Action
---- ----------- ------------ ------- ------- --------- ------
{F9BAA4EB-D8A8-48C7-9205-D3246D70F990} win2ban - ban 192.168.100.22 True Any Inbound Block
Featured product
Free Software Highlights
Release Announcements
- 2024-11-17 OpenSSL tool 2.0.1
- 2024-11-17 Winrpe 5.6.0
- 2024-11-17 Wrbldnsd 5.0.2