How can I verify if a ban rule is in effect for a specific jail ?

Initiate win2ban-shell  at the root of the installation directory and issue the command below (example jail win2ban-network-logon):

 

$ fail2ban-client status win2ban-network-logon

Status for the jail: win2ban-network-logon

|- Filter

|  |- Currently failed: 1

|  |- Total failed:     5

|  `- File list:        /winlogbeat/logs/eventlog

`- Actions

   |- Currently banned: 1

   |- Total banned:     2

   `- Banned IP list:   192.168.100.22

 

The related firewall rule(s) can be displayed by using the following Powershell command:

get-netfirewallrule -all | Where-Object {$_.DisplayName -like "win2ban*"} | Format-Table

Name                                   DisplayName                  DisplayGroup Enabled Profile Direction Action

----                                   -----------                  ------------ ------- ------- --------- ------ 

{F9BAA4EB-D8A8-48C7-9205-D3246D70F990} win2ban - ban 192.168.100.22              True    Any     Inbound   Block

Release news

2024-12-31 icurl 1.1.0
2024-12-28 Win2ban 2.0.5
2024-11-25 Copssh client 8.0.0

more ...